Aces&Eights
-
Content Count
15 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by Aces&Eights
-
-
Ryan,
I got the restore to work by turning off the disk watching and restarting as instructed.
I am still using Mozilla 1.7.3. with my Cache directories going to a partiitioned I:drive (4Gb). this allows for easier cleanup and keeps the C drive from getting fragmented as bad. I do not disk monitor this drive btw. Is this messing up his cleaner program?
Here is the new KAV Log. and HJT log.
Thanks
Aces
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, April 23, 2007 9:41:17 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 23/04/2007
Kaspersky Anti-Virus database records: 283071
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\
O:\
Scan Statistics:
Total number of scanned objects: 233796
Number of viruses found: 0
Number of infected objects: 0 / 0
Number of suspicious objects: 0
Duration of the scan process: 03:30:32
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\denisekc\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\History\History.IE5\MSHist012007042220070423\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\ntuser.dat Object is locked skipped
C:\Documents and Settings\denisekc\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\denisekc\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\iwctrllog.txt Object is locked skipped
C:\Program Files\Agnitum\Outpost Firewall\op_data.ldb Object is locked skipped
C:\Program Files\Agnitum\Outpost Firewall\op_data.mdb Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-04-20.01-31-31.log Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{03A71E09-0E8C-4C31-BFF6-F78F30BC6FD0}\RP5\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\vaxscsi.sys Object is locked skipped
C:\WINDOWS\SYSTEM32\h323log.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\JET8056.tmp Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_374.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
I:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
J:\ie_cache\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
J:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Logfile of HijackThis v1.99.1
Scan saved at 9:42:14 PM, on 4/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Program Files\Yahoo!\YOP\yop.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://att.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.crh.noaa.gov/ict/mainpg/mainpg.php"); (C:\Program Files\Netscape\Users\denisekc\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [iW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc
O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AT&T Yahoo! Online Protection (2).lnk = C:\Program Files\Yahoo!\YOP\yop.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\instant messenger\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
-
Ryan,
Sorry for the delay in responding. I appreciate your help. I was just on a shift that isn't conducive to troubleshooting pc problems.
WinXP would let me set a new restore point. It kept saying Cound not set restore point, reboot and then try. Which of course didn't work either. But I did eliminate the other problems. Also ATF cleaner still has the Firefow tab greyed out, so was unable to scan this as well. I tried to email ATF tech support but it bounced.
IE continues to load VERY slow. BTW.
I am considering buying the full version of Kapersky Virus Scan. would you recommend this?
Here is the new Kapersky scan and HIjack Log.
Thanks,
Aces
Logfile of HijackThis v1.99.1
Scan saved at 7:31:45 PM, on 4/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Program Files\Yahoo!\YOP\yop.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://att.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.crh.noaa.gov/ict/mainpg/mainpg.php"); (C:\Program Files\Netscape\Users\denisekc\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [iW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AT&T Yahoo! Online Protection (2).lnk = C:\Program Files\Yahoo!\YOP\yop.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\instant messenger\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, April 17, 2007 7:26:30 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 17/04/2007
Kaspersky Anti-Virus database records: 281224
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\
O:\
Scan Statistics:
Total number of scanned objects: 233689
Number of viruses found: 1
Number of infected objects: 4 / 0
Number of suspicious objects: 0
Duration of the scan process: 03:07:32
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\denisekc\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\History\History.IE5\MSHist012007041720070418\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\ntuser.dat Object is locked skipped
C:\Documents and Settings\denisekc\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\iwctrllog.txt Object is locked skipped
C:\Program Files\Agnitum\Outpost Firewall\op_data.ldb Object is locked skipped
C:\Program Files\Agnitum\Outpost Firewall\op_data.mdb Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-04-16.00-27-07.log Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{03A71E09-0E8C-4C31-BFF6-F78F30BC6FD0}\RP641\A0072054.exe/irsetup.dat Infected: Trojan-Dropper.Win32.Peerad.a skipped
C:\System Volume Information\_restore{03A71E09-0E8C-4C31-BFF6-F78F30BC6FD0}\RP641\A0072054.exe SetupFactory: infected - 1 skipped
C:\System Volume Information\_restore{03A71E09-0E8C-4C31-BFF6-F78F30BC6FD0}\RP641\A0072056.exe/irsetup.dat Infected: Trojan-Dropper.Win32.Peerad.a skipped
C:\System Volume Information\_restore{03A71E09-0E8C-4C31-BFF6-F78F30BC6FD0}\RP641\A0072056.exe SetupFactory: infected - 1 skipped
C:\System Volume Information\_restore{03A71E09-0E8C-4C31-BFF6-F78F30BC6FD0}\RP656\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\vaxscsi.sys Object is locked skipped
C:\WINDOWS\SYSTEM32\h323log.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\JETCB25.tmp Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_3a8.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
I:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
J:\ie_cache\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
J:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
-
Ryan,
Here is the Scan log.
Aces
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, April 11, 2007 8:12:20 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 11/04/2007
Kaspersky Anti-Virus database records: 294623
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\
O:\
Scan Statistics:
Total number of scanned objects: 209206
Number of viruses found: 7
Number of infected objects: 28 / 0
Number of suspicious objects: 0
Duration of the scan process: 03:27:16
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\denisekc\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\Local Settings\History\History.IE5\MSHist012007041120070412\index.dat Object is locked skipped
C:\Documents and Settings\denisekc\ntuser.dat Object is locked skipped
C:\Documents and Settings\denisekc\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\denisekc\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\download\Forces_of_corruption\Crack_NoCd_ Star Wars Empire at War Forces of Corruption\install.exe/irsetup.dat Infected: Trojan-Dropper.Win32.Peerad.a skipped
C:\download\Forces_of_corruption\Crack_NoCd_ Star Wars Empire at War Forces of Corruption\install.exe SetupFactory: infected - 1 skipped
C:\download\Forces_of_corruption\Crack_NoCd_ Star Wars Empire at War Forces of Corruption.zip/install.exe/irsetup.dat Infected: Trojan-Dropper.Win32.Peerad.a skipped
C:\download\Forces_of_corruption\Crack_NoCd_ Star Wars Empire at War Forces of Corruption.zip/install.exe Infected: Trojan-Dropper.Win32.Peerad.a skipped
C:\download\Forces_of_corruption\Crack_NoCd_ Star Wars Empire at War Forces of Corruption.zip ZIP: infected - 2 skipped
C:\download\Forces_of_corruption\NOCD Star Wars Empire at War Forces of Corruption crack.exe/irsetup.dat Infected: Trojan-Dropper.Win32.Peerad.a skipped
C:\download\Forces_of_corruption\NOCD Star Wars Empire at War Forces of Corruption crack.exe SetupFactory: infected - 1 skipped
C:\download\outpost\Agnitum Outpost Firewall 3.x [crack].rar/Agnitum Outpost Firewall 3.x [crack] .exe Infected: Backdoor.Win32.Agent.zb skipped
C:\download\outpost\Agnitum Outpost Firewall 3.x [crack].rar RAR: infected - 1 skipped
C:\download\prog_installs\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\download\prog_installs\mirc616.exe mIRC: infected - 1 skipped
C:\Pkware\PK263WSP.exe/TSADBOT.EXE Infected: not-a-virus:AdWare.Win32.TimeSink skipped
C:\Pkware\PK263WSP.exe ZIP: infected - 1 skipped
C:\Program Files\Agnitum\Outpost Firewall\op_data.ldb Object is locked skipped
C:\Program Files\Agnitum\Outpost Firewall\op_data.mdb Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2007-04-11.02-32-07.log Object is locked skipped
C:\Program Files\mirc\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Program Files\mirc\backup\mirc32.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.582 skipped
C:\Program Files\mirc\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{03A71E09-0E8C-4C31-BFF6-F78F30BC6FD0}\RP632\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\vaxscsi.sys Object is locked skipped
C:\WINDOWS\SYSTEM32\h323log.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\JETBBB9.tmp Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\Pkware\PK263WSP.exe/TSADBOT.EXE Infected: not-a-virus:AdWare.Win32.TimeSink skipped
D:\Pkware\PK263WSP.exe ZIP: infected - 1 skipped
D:\Program Files\mirc\backup\mirc32.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.582 skipped
D:\Program Files\mirc\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{03A71E09-0E8C-4C31-BFF6-F78F30BC6FD0}\RP630\A0071548.dll Infected: not-a-virus:AdWare.Win32.Altnet.c skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
I:\download\prog_installs\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
I:\download\prog_installs\mirc616.exe mIRC: infected - 1 skipped
I:\Pkware\PK263WSP.exe/TSADBOT.EXE Infected: not-a-virus:AdWare.Win32.TimeSink skipped
I:\Pkware\PK263WSP.exe ZIP: infected - 1 skipped
I:\Program Files\mirc\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
I:\Program Files\mirc\backup\mirc32.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.582 skipped
I:\Program Files\mirc\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
I:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
J:\ie_cache\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
J:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
-
Ryan,
I ran ATF cleaner as instructed. but the Firefox tab was greyed out. It could be becuase I have my mozilla cache on a cache drive (seperate partiion). Here are the results of the AVG scan and the new hijakcthis log. Also the uninstall log.
AVG log is rather long. IE seems to be loading alot faster but AT+T Yahoo still takes awhile to load.
Thanks for your assisitance.
Aces
Logfile of HijackThis v1.99.1
Scan saved at 2:18:21 PM, on 4/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Yahoo!\YOP\yop.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://att.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.crh.noaa.gov/ict/mainpg/mainpg.php"); (C:\Program Files\Netscape\Users\denisekc\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AT&T Yahoo! Online Protection (2).lnk = C:\Program Files\Yahoo!\YOP\yop.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\instant messenger\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
UNINSTALL LOG:
"Doras Carnival Adventure (remove only)"
AC-3 ACM Decompressor
AC3Filter (remove only)
Active Disk
Active+ Software MIME Indexer
Adaptec UDF Reader
Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 9 ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.0
Adobe Stock Photos 1.0
Advanced GIF Animator 2.12
Adventures of Bleeposaurus
Agnitum Outpost Firewall Pro
America Online
Anakin's Speedway
AOL Instant Messenger
Army Men
AT&T Connection Services Manager
AT&T Yahoo! Applications
ATI Display Driver
Audio MP3 Maker 1.13
AVG Anti-Spyware 7.5
Axis & Allies
Barbie In The 12 Dancing Princesses
Battlestations: Midway
Black and White
Blockpost plug-in for Agnitum Outpost Firewall (remove only)
Blue's 123 Time Activities
Blues Clues School
Blue's Room
BroadJump Client Foundation
Burning Monkey Solitaire 2
Cole2k Media - Codec Pack (Advanced)
Cole2k Media - Nero Audio Plugin Pack
Command & Conquer 3
Command & Conquer The First Decade
Cubis Gold
Cubis Gold 2
Descent 3
Dora the Explorer: Animal Adventures
Dragon's Lair 3D
eMule
EnterNet 300
exPressit S.E. 2.2
ffdshow (remove only)
Finding Nemo: Nemo's Underwater World of Fun
Freddi Fish The Case of the Haunted Schoolhouse
FreeSpace
GoldWave v5.12
Harry Potter
Harry Potter - Quidditch World Cup
HijackThis 1.99.1
Hollywood FX 5.5 Additional Effects
Hotfix for Windows XP (KB896344)
hp instant support
HP Memories Disc
HP OfficeJet/PSC Scrubber
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 2200 series
hp psc 2200 series
hp psc 2200 series
ImageDrive (Ahead Software)
Imaginext Pirate Raider
Indeo® software
Instant Messenger
Intel HaM Modem Drivers and Utilities
Java 2 Runtime Environment, SE v1.4.2
Java 2 Runtime Environment, SE v1.4.2_03
Java 2 Runtime Environment, SE v1.4.2_04
JumpStart Pre-K v1.2
JumpStart Preschool v2.0
Larry's WordPerfect Indexer
Learning in Toyland
LEGO Digital Brick Palette - LEGO Factory
LEGO Digital Brick Palette - Make and Create
LEGO Digital Brick Palette - PAB 2004 LEGOLAND SE
LEGO Digital Designer
LEGO Star Wars
Lemmings Revolution
Logitech Desktop Messenger
Logitech Gaming Software
Macromedia Shockwave Player
Magic School Bus - Dinosaurs
Marvell Miniport Driver
MaxBlast 4
MediaRing Talk Release 7.2.026
MetFileRegenerator v3.013.2
Microsoft Combat Flight Simulator 2
Microsoft Combat Flight Simulator 3.1
Microsoft Data Access Components KB870669
Microsoft Office FrontPage 2003
Microsoft Office PowerPoint 2003
Microsoft Office Professional Edition 2003
Microsoft Office XP Professional with FrontPage
Microsoft Text-to-Speech Engine 4.0 (English)
mIRC
Mozilla (1.7.3)
Mp3tag Audio Indexer 1.00
My Sam's Club Digital Photo Center
Nero 7 Demo
Net2Phone/Net2Fax
Netscape Communicator 4.79
Nimo Codecs Pack v5.0 (Remove Only)
NTI CD-Maker 2000
NTI DriveBackup!
Oozic Player
Overnet (remove only)
PartitionMagic 5.0
PartyPoker
PCI Audio Driver
Pinball Panic
Pinnacle device drivers
Pinnacle Hollywood FX for Studio
Pinnacle Hollywood FX Pack - Extra FX
Pixie registration fix
PowerDVD
proDAD Heroglyph 1.0
Putt-Putt: Pep's Birthday Surprise
Quick View Plus
Quicken 2005
QuickLink MessageCenter III
QuickTime
RealPlayer
ReMixer MP3 to WAV Converter v1.2
Roxio PhotoSuite 5
SBC Yahoo! DSL Activation
SBC Yahoo! DSL Activation
Screenscapes
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB925486)
setup (Remove only)
Shockwave
SierraHome Hallmark Scrapbook Studio
SiS Audio Driver
Slingo Deluxe
SmartSound Quicktracks Plugin
Spybot - Search & Destroy 1.4
Star Wars Battlefront
Star Wars Battlefront II
Star Wars Empire at War
Star Wars Galactic Battlegrounds: Clone Campaigns
Star Wars® Knights of the Old Republic® II: The Sith Lords
Starcraft
Studio 9
Studio 9 Content CD/DVD
Studio 9.4 Patch
Studio Content CD
Syberia 2
TaxACT 2000
TaxACT 2001
TaxACT 2002
TaxACT 2003
TaxACT 2004
TaxACT 2005
TaxACT 2006
TaxACT Illinois 2000
TaxACT Illinois 2001
TaxACT Illinois 2002
TaxACT Kansas 2002
TaxACT Kansas 2003
TaxACT Kansas 2004
TaxACT Kansas 2005
TaxACT Kansas 2006
The Mystery of Veggie Island
Thinkin' Things Collection 3 (Remove only)
TMD Movie Codec
TMPGEnc DVD Author 1.5
TMPGEnc Plus 2.58.44.152
Tonka Construction 2
Toy Story 2 Activity Center
Tumblebugs
Tweak UI
Uniblue Registry Booster
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
VIA Integrated Setup Wizard
VivoActive Player v2.1
VuePrint
Winamp (remove only)
Windows Backup Utility
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WordPerfect Office 2002
XviD MPEG-4 Video Codec
Zanzarah - The Hidden Portal
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 5:12:00 PM 4/9/2007
+ Scan result:
D:\Program Files\KaZaA\TopSearch.dll -> Adware.Altnet : Cleaned with backup (quarantined).
HKU\S-1-5-21-57989841-152049171-854245398-500\Software\Brilliant Digital Entertainment -> Adware.BrilliantDigital : Cleaned with backup (quarantined).
HKU\S-1-5-21-57989841-152049171-854245398-500\Software\Brilliant Digital Entertainment\PROJECTOR -> Adware.BrilliantDigital : Cleaned with backup (quarantined).
HKU\S-1-5-21-57989841-152049171-854245398-500\Software\Brilliant Digital Entertainment\PROJECTOR\GUI -> Adware.BrilliantDigital : Cleaned with backup (quarantined).
HKU\S-1-5-21-57989841-152049171-854245398-500\Software\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB9.tmp\P2P Networking.exe -> Adware.P2PNet : Cleaned with backup (quarantined).
I:\Program Files\Yahoo!\YPSR\Quarantine\ppqB9.tmp\P2P Networking.exe -> Adware.P2PNet : Cleaned with backup (quarantined).
:mozilla.143:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.277:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.47:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.11:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.135:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.168:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.182:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.18:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.19:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.20:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.21:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.31:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.31:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.32:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.33:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.34:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.36:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.37:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.38:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.41:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.41:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.42:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.42:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.42:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.64:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.65:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.67:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.68:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.69:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.70:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.71:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.72:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.73:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.8:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.9:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq46A.tmp -> TrackingCookie.2o7 : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq46A.tmp -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.7search : Cleaned.
:mozilla.45:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.7search : Cleaned.
:mozilla.50:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.51:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.274:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.51:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.52:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.53:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.54:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.55:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][1].txt -> TrackingCookie.Admarketplace : Cleaned.
I:\Documents and Settings\denisekc\Cookies\denisekc@admarketplace[2].txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.123:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.120:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.121:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.142:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.171:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.172:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.173:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.174:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.175:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.176:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.31:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.31:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.32:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.32:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.33:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.33:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.26:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.26:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.27:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.27:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.29:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.29:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.26:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.27:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.141:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.146:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.147:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.148:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.149:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.150:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.177:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.178:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.179:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.180:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.181:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.282:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.29:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.30:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.34:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.53:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.54:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.55:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.56:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.57:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq46D.tmp -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAA.tmp -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDB1.tmp -> TrackingCookie.Advertising : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq46D.tmp -> TrackingCookie.Advertising : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAA.tmp -> TrackingCookie.Advertising : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppqDB1.tmp -> TrackingCookie.Advertising : Cleaned.
:mozilla.112:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.11:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.14:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.20:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.20:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.45:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.65:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.79:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq46E.tmp -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAB.tmp -> TrackingCookie.Atdmt : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq46E.tmp -> TrackingCookie.Atdmt : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAB.tmp -> TrackingCookie.Atdmt : Cleaned.
:mozilla.44:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.44:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Bfast : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq470.tmp -> TrackingCookie.Bluestreak : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq470.tmp -> TrackingCookie.Bluestreak : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][3].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.275:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.28:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.46:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq471.tmp -> TrackingCookie.Burstnet : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9C.tmp -> TrackingCookie.Burstnet : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAC.tmp -> TrackingCookie.Burstnet : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq471.tmp -> TrackingCookie.Burstnet : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAC.tmp -> TrackingCookie.Burstnet : Cleaned.
:mozilla.155:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.225:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.226:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.227:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.228:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.232:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.48:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.49:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.52:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.85:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.86:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.87:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.88:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.8:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAD.tmp -> TrackingCookie.Casalemedia : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAD.tmp -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.156:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.157:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.65:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.66:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.193:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.21:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.21:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.22:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.22:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.65:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2.tmp -> TrackingCookie.Com : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq473.tmp -> TrackingCookie.Com : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq2.tmp -> TrackingCookie.Com : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq473.tmp -> TrackingCookie.Com : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq474.tmp -> TrackingCookie.Dealtime : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAE.tmp -> TrackingCookie.Dealtime : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq474.tmp -> TrackingCookie.Dealtime : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppqDAE.tmp -> TrackingCookie.Dealtime : Cleaned.
:mozilla.16:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.25:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.32:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.69:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.7:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq475.tmp -> TrackingCookie.Doubleclick : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq475.tmp -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.29:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Enliven : Cleaned.
:mozilla.29:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Enliven : Cleaned.
:mozilla.35:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Enliven : Cleaned.
:mozilla.35:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Enliven : Cleaned.
:mozilla.278:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.15:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.16:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.184:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.23:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.24:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.122:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.234:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.235:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.38:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.39:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.40:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq477.tmp -> TrackingCookie.Fastclick : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq477.tmp -> TrackingCookie.Fastclick : Cleaned.
:mozilla.10:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.116:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.118:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.119:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.120:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.121:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.123:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.125:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.128:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.12:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.138:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.139:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.141:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.143:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.144:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.187:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.190:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.191:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.191:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.19:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.20:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.32:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.33:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.34:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.35:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.36:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.37:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.38:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.56:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.57:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.58:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.59:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.59:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.60:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.60:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.60:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.61:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.61:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.61:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.62:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.62:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.63:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.63:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.64:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.64:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.65:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.66:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.66:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.67:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.67:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.68:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.68:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.69:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.70:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.71:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.72:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.73:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.75:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.75:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.76:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.76:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.77:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.78:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.79:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.80:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.81:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.82:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.96:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.98:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq478.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq479.tmp -> TrackingCookie.Hitbox : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq478.tmp -> TrackingCookie.Hitbox : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq479.tmp -> TrackingCookie.Hitbox : Cleaned.
:mozilla.106:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.108:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.160:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.161:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.16:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.17:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.56:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.57:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.58:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.77:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.78:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.80:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.82:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.158:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.159:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.160:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.180:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.181:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.182:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.74:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.75:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.76:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.14:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.14:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.194:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.195:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.48:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.75:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.92:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq47A.tmp -> TrackingCookie.Mediaplex : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq47A.tmp -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.91:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.92:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.93:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.39:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.100:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.124:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.124:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.132:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.172:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.19:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.19:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.20:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.20:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.43:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Overture : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.14:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.184:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.157:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.188:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.28:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.99:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Paypal : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][1].txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.104:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.105:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.106:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.107:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.111:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.112:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.113:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.114:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.138:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.139:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.140:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.141:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.15:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.15:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.161:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.162:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.163:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.164:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.17:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.17:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.18:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.18:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.19:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.19:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.279:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.280:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.281:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.282:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.50:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.51:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.52:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.53:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.69:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.70:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.71:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.72:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9E.tmp -> TrackingCookie.Pointroll : Cleaned.
:mozilla.101:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.136:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.137:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.168:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.169:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.16:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.16:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.29:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.30:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.31:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.35:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.36:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.37:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq47B.tmp -> TrackingCookie.Questionmarket : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq47B.tmp -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.151:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.152:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.161:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.162:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.163:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.16:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.17:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5E8.tmp -> TrackingCookie.Realmedia : Cleaned.
:mozilla.10:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.10:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.9:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.9:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.16:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.17:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.18:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.19:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.200:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.201:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.202:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.108:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.109:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.158:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.205:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.72:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.73:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq476.tmp -> TrackingCookie.Ru4 : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq476.tmp -> TrackingCookie.Ru4 : Cleaned.
:mozilla.105:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.106:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.107:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.108:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.160:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.161:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.162:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.163:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.176:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.177:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.178:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.179:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Cassie\s1dog85l.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.72:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.73:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.74:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.76:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.77:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.78:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5E7.tmp -> TrackingCookie.Serving-sys : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5E9.tmp -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.170:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.238:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.239:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][1].txt -> TrackingCookie.Specificclick : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][3].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.26:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Specificpop : Cleaned.
:mozilla.26:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Specificpop : Cleaned.
:mozilla.27:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Specificpop : Cleaned.
:mozilla.27:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Specificpop : Cleaned.
:mozilla.28:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Specificpop : Cleaned.
:mozilla.28:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Specificpop : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5EA.tmp -> TrackingCookie.Spylog : Cleaned.
:mozilla.211:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.212:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.236:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Starware : Cleaned.
I:\Documents and Settings\denisekc\Cookies\denisekc@starware[2].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.222:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.223:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.152:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.153:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.154:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.221:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.222:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.77:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.78:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.79:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5EB.tmp -> TrackingCookie.Tacoda : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5EC.tmp -> TrackingCookie.Tacoda : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5ED.tmp -> TrackingCookie.Tacoda : Cleaned.
I:\Documents and Settings\denisekc\Cookies\denisekc@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
I:\Documents and Settings\denisekc\Cookies\denisekc@tacoda[3].txt -> TrackingCookie.Tacoda : Cleaned.
I:\Documents and Settings\denisekc\Cookies\denisekc@tacoda[4].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.227:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.102:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.103:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.104:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.105:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.106:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.107:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.108:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.19:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.20:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.21:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.22:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.23:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq47C.tmp -> TrackingCookie.Trafficmp : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq47C.tmp -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.30:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Trafficvenue : Cleaned.
:mozilla.30:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Trafficvenue : Cleaned.
:mozilla.31:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Trafficvenue : Cleaned.
:mozilla.31:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc\sacbi2tr.slt\cookies.txt -> TrackingCookie.Trafficvenue : Cleaned.
:mozilla.104:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.105:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.106:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.107:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.150:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.24:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.25:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.26:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.44:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq47E.tmp -> TrackingCookie.Tribalfusion : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq47E.tmp -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.11:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.163:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.26:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.127:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.212:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.35:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq47F.tmp -> TrackingCookie.Webtrendslive : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq47F.tmp -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.153:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.154:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.238:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.239:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.240:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.241:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.242:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.44:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.45:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\deniserlqtlf0.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5E5.tmp -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5E6.tmp -> TrackingCookie.Yieldmanager : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned.
I:\Documents and Settings\denisekc\Cookies\[email protected][3].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.182:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.183:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Barry\zgefsn1c.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.261:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.262:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.263:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\Brad\s6ajjkl2.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.28:C:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.28:I:\Documents and Settings\denisekc\Application Data\Mozilla\Profiles\denisekc-1\5iwp17cb.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq480.tmp -> TrackingCookie.Zedo : Cleaned.
I:\Program Files\Yahoo!\YPSR\Quarantine\ppq480.tmp -> TrackingCookie.Zedo : Cleaned.
C:\Program Files\eMule\LinkCreator.exe -> Worm.Luder.a : Cleaned with backup (quarantined).
::Report end
-
Hello everyone,
My Internet Explorer 6 and my At&T Yahoo brwoser ver 7 (uses IE for its base i think) are loading very slow. It takes almost 3 to 4 minutes for it to load. Once it loads, it works fine. I have tried Search and Destroy and Ad-AWare SE personal with no luck. Also my AT&T online protection doesnt appear to loading on startup anymore. I think something has hijacked my browsers. Mozilla/firefox is fine btw.
Thanks,
Aces&Eights
Here is my Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 11:33:00 AM, on 4/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Logitech\Profiler\LWEmon.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Yahoo!\YOP\yop.exe
C:\hjt\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.crh.noaa.gov/ict/mainpg/mainpg.php"); (C:\Program Files\Netscape\Users\denisekc\prefs.js)
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O1 - Hosts: 127.255.255.255 www.alcohol-soft.com
O1 - Hosts: 127.255.255.255 images.alcohol-soft.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AT&T Yahoo! Online Protection (2).lnk = C:\Program Files\Yahoo!\YOP\yop.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\instant messenger\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
-
Bt Team,
here the Panda log you requested and new HJT log.
thanks for helping.
Aces&Eights
Panda Activescan Log:
Incident Status Location
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atdmt[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atdmt[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
Adware:Adware/Gator Not disinfected C:\WINDOWS\Downloaded Program Files\HDPlugin1101.dll
Logfile of HijackThis v1.99.1
Scan saved at 10:51:09 PM, on 1/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\GWMDMMSG.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\SK9910DM.EXE
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\Program Files\Common Files\AOL\1103214812\ee\AOLHostManager.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1103214812\ee\AOLServiceHost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
c:\program files\common files\aol\1103214812\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1103214812\ee\AOLServiceHost.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gatewaybiz.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.webroot.com/php/disp0201.php?pc...&mo=2&oc=5&ps=R
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1103214812\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) - file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {511073AD-BE56-4D43-AE68-93390514385E} (TechToolsActivex.TechTools) - hcp://system/TechTools.CAB
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/..._1/axofupld.cab
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {75565ED2-1560-4F15-B841-20358DE6A0D1} (ImageControl Class) - http://c.ancestry.com/cab/ImageViewer/MFImgVwr.cab
O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://images.myfamily.net/isfiles/downloads/MrSIDI.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/ghtumblebugs/axhost.cab
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/bejewele...aploader_v7.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FreezeScreenSaver - Unknown owner - C:\WINDOWS\system32\FreezeScreenSaver.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: PictureTaker - LANovation - C:\WINDOWS\System32\PCTKRNT.SYS
O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
-
Here is my log file. I am using my AOL browser and some webpages bog way down or do not load. I am helping my mother inlaw with this, please help.
thanks for the help,
Aces&Eights
Logfile of HijackThis v1.99.1
Scan saved at 6:37:23 PM, on 1/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\GWMDMMSG.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\SK9910DM.EXE
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1103214812\ee\AOLHostManager.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
C:\Program Files\Common Files\AOL\1103214812\ee\AOLServiceHost.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
c:\program files\common files\aol\1103214812\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1103214812\ee\AOLServiceHost.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gatewaybiz.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.webroot.com/php/disp0201.php?pc...&mo=2&oc=5&ps=R
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1103214812\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) - file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {511073AD-BE56-4D43-AE68-93390514385E} (TechToolsActivex.TechTools) - hcp://system/TechTools.CAB
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {75565ED2-1560-4F15-B841-20358DE6A0D1} (ImageControl Class) - http://c.ancestry.com/cab/ImageViewer/MFImgVwr.cab
O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://images.myfamily.net/isfiles/downloads/MrSIDI.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/ghtumblebugs/axhost.cab
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/bejewele...aploader_v7.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FreezeScreenSaver - Unknown owner - C:\WINDOWS\system32\FreezeScreenSaver.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: PictureTaker - LANovation - C:\WINDOWS\System32\PCTKRNT.SYS
O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
-
Hi dk,
Thanks for the help. You guys are great.
Aces&Eights
Here is the hopefully clean HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 3:50:04 PM, on 9/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crh.noaa.gov/ict
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126292003468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126291980703
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
-
Hi dk,
I tried to email you the files that you requested to the email specified with the proper @ and "dots" but it "bounced"
I can try to resend, just let me know. I still have the CAB file on my desktop.
I let HJT fix the entries you noted with "success"!!! IE and WMP both work again!!!
BTW, i didn't delete the setcom.dll file. Should I, in safe mode?
Thanks,
Aces&Eights
Here is my hopefully clean HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 5:36:37 PM, on 9/15/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crh.noaa.gov/ict
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126292003468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126291980703
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
-
Hey Guys,
Well I fixed my PC (thanks to you guys) and now my friend has a laptop with the same symptoms. IE freezes and the CPU is off to the races going to 100%.
You guys are great. Just to let you know, I already ran Mirco Trends online virusscan and it came up clean.
I am suspicious of the second 02 BHO entry and the 021 entry. Are my instincts correct?
Aces&Eights
Here is my HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 6:01:35 PM, on 9/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crh.noaa.gov/ict
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: (no name) - {6CD62BD9-B251-4BF7-B1EE-6667BA958EDE} - C:\WINDOWS\system32\perfset.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126292003468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126291980703
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O21 - SSODL: V2bio - {2DC0EFEC-9EA0-4A1D-B5F4-AAEF53FAD61A} - C:\WINDOWS\system32\setcom.dll
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
-
HI Besttechie,
Well i eliminated the two entries and then ran the trend mirco virusscan. Guess what, it found a trojan horse virus on my D: drive no less. Virus= TROJ_IEFEATS.A
Trend micro was unable to clean it, but I was able to go into safe mode (with system restore turned off of course) and remove the nasty little bugger.
Once I rebooted five times with system restore turned off, then rebooted and tried IE and WMP and YES!!! they worked.
Here is the "hoefully clean" HJT file:
Thanks for your help,
Aces&Eights
Logfile of HijackThis v1.99.1
Scan saved at 8:05:50 AM, on 9/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hjt\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.crh.noaa.gov/ict/mainpg/mainpg.php"); (C:\Program Files\Netscape\Users\denisekc\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\PROGRAM FILES\YAHOO!\COMMON\YLOGIN.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\PROGRAM FILES\YAHOO!\COMMON\YLOGIN.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\instant messenger\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .wav: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.com/Controls/Rovion.cab?affiliate=MEDIAGEN
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1100294111279
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.games.y...ctl_0_0_0_1.ocx
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebas...sCamControl.ocx
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/gs/instal...edsolutions.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE
-
Besttechie,
Just to let you know. I tried IE again after taking the items you mentioned and it still frooze up. I was able to stop the process this time without a reboot.
Also, everytime I start IE. the CPU and Page File usage is "off to the races" with the PF usage shooting up to 3 GB used.
Hope this helps,
thanks for helping.
Aces&Eights
PS...I would really like to get this fixed, hard to do Microsoft Security updates without IE.
-
Besttechie.
here is the results of the Jotti scan. I don't know if my firewall prevented this. I disabled zone Alarm and got the same results.
copy and pasted from Jotti:
The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file
thanks for the help.
Aces&Eights
New HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 12:57:58 AM, on 9/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE
C:\download\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.crh.noaa.gov/ict/mainpg/mainpg.php"); (C:\Program Files\Netscape\Users\denisekc\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {C2C57DA1-0F44-40D6-8255-62FA27BBFA8B} - C:\WINDOWS\system32\htmvba.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\PROGRAM FILES\YAHOO!\COMMON\YLOGIN.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\PROGRAM FILES\YAHOO!\COMMON\YLOGIN.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\instant messenger\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .wav: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.com/Controls/Rovion.cab?affiliate=MEDIAGEN
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1100294111279
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.games.y...ctl_0_0_0_1.ocx
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebas...sCamControl.ocx
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/gs/instal...edsolutions.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O21 - SSODL: Binnt - {D390FB51-87CE-4749-B233-D81D6D8DB2F0} - C:\WINDOWS\system32\wsockodbc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE
-
Hey everyone,
My IE 6.0 sp2 and WMP 10 freezes and won't run. I have tried VirusScan and AntiSpyware apps. (Ad-Aware) with no luck. Can somone look at my Hijackthis log and help me.
Thanks
Aces&Eights
Logfile of HijackThis v1.99.1
Scan saved at 3:35:45 PM, on 9/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\PROGRA~1\YAHOO!\BROWSER\YCOMMON.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\download\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.crh.noaa.gov/ict/mainpg/mainpg.php"); (C:\Program Files\Netscape\Users\denisekc\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {A4F5525B-15F6-4DB7-993C-34C2DF47E377} - C:\WINDOWS\system32\xmltab.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\PROGRAM FILES\YAHOO!\COMMON\YLOGIN.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\PROGRAM FILES\YAHOO!\COMMON\YLOGIN.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\instant messenger\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .wav: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.com/Controls/Rovion.cab?affiliate=MEDIAGEN
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1100294111279
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.games.y...ctl_0_0_0_1.ocx
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebas...sCamControl.ocx
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/gs/instal...edsolutions.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O21 - SSODL: Cabdde - {939713DD-0A61-4E34-87CD-02B38D676BA4} - C:\WINDOWS\system32\bindesk.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE
Ie6 And At&t Yahoo Browser V7 Loading Very Slow[RESOLVED]
in Malware Removal
Posted
Ryan,
I am still having the same problem with IE and AT&T Yahoo on startup. I still takes almost 2 minutes to load after I click on it. Would getting rid of all the toolbars speed this up. I could care less about these, if it would help performance.
Everyhting else seems to working great. Btw, would you recommend the pc version of Kapersky for my everyday virusscan, i am considering dumping the one that comes with AT&T and switching.
Thanks for you patience,
Aces