Jump to content

slappywhite62

Members
  • Posts

    14
  • Joined

  • Last visited

Reputation

0 Neutral
  1. MBAM Log Malwarebytes' Anti-Malware 1.33 Database version: 1666 Windows 5.1.2600 Service Pack 3 01/18/2009 2:22:08 PM mbam-log-2009-01-18 (14-22-08).txt Scan type: Quick Scan Objects scanned: 98143 Time elapsed: 23 minute(s), 29 second(s) Memory Processes Infected: 1 Memory Modules Infected: 1 Registry Keys Infected: 2 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 6 Memory Processes Infected: C:\WINDOWS\SYSTEM32\DRIVERS\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully. Memory Modules Infected: C:\Documents and Settings\Tracey\Application Data\Google\kplalk.dll (Trojan.FakeAlert) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\SYSTEM32\DRIVERS\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\TDSSlxwp.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Tracey\Application Data\Google\kplalk.dll (Trojan.FakeAlert) -> Delete on reboot. C:\Documents and Settings\Tracey\Application Data\Google\cijwg16225165.exe (Trojan.FakeAlert) -> Delete on reboot. C:\Documents and Settings\Tracey\Local Settings\Temp\TDSSdf99.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\TDSStkdu.log (Trojan.TDSS) -> Quarantined and deleted successfully. <......end log.....> HJT Log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:38:35 PM, on 01/18/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\IMSafer\bin\imslive.exe C:\Program Files\IMSafer\bin\imsc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\BCMSMMSG.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Dell\Media Experience\PCMService.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\WINDOWS\System32\ezSP_Px.exe C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Yahoo!\YOP\yop.exe C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Tracey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe C:\Program Files\CASIO\Photo Loader\Plauto.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Documents and Settings\Tracey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Tracey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe c:\PROGRA~1\mcafee\msc\mcupdui.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O2 - BHO: IE7pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [hplampc] C:\WINDOWS\system32\hplampc.exe O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [iPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart O4 - HKLM\..\Run: [iPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe" O4 - HKLM\..\Run: [iPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [realteke] "C:\Documents and Settings\Tracey\Application Data\Google\cijwg16225165.exe" 2 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tracey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe O4 - Global Startup: VMN Toolbox 4.lnk = C:\Program Files\VMN Toolbox 4\toolbox.exe O4 - Global Startup: YouTube Uploader for CASIO.lnk = C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: MyPoints - file://C:\Program Files\MyPoints_PointAlert\Sy800\Tp800\scri800a.htm O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Point Alert - {67B50696-04BA-48ea-A697-28AA0EAA9C26} - file://C:\Program Files\MyPoints_PointAlert\Sy800\Tp800\scri800a.htm (HKCU) O9 - Extra button: (no name) - {F2B441CC-E026-47fb-BDC3-A07750FA3D2C} - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm (file missing) (HKCU) O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - http://www.stonyfield.com/coupons/scriptX/smsx.cab O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/US/install.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-24-0.cab O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/instal...llMgr_v01_5.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/..._2/axofupld.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://onlinedesigner.hgtv.com/images/app/view22rte.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downloads/g...GameManager.cab O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.shockwave.com/content/feedingfr...outLauncher.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - http://www.trueswitch.com/sbc/TrueInstallSBC.exe O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: DUOKGHMXBYVMO - Sonic Solutions - (no file) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IMSafer Live (ImSaferLive) - Crisp Thinking - C:\Program Files\IMSafer\bin\imslive.exe O23 - Service: IMSafer (ImSaferService) - Crisp Thinking - C:\Program Files\IMSafer\bin\imsc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE -- End of file - 17192 bytes
  2. Thanks. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:21:32 PM, on 1/2/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\hphmon06.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\HP\KBD\KBD.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\IMSafer\bin\imslive.exe C:\Program Files\IMSafer\bin\imsc.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\WINDOWS\SOUNDMAN.EXE c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\ALCMTR.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\AGRSMMSG.exe c:\windows\system\hpsysdrv.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\HP_Administrator\Desktop\Crap Cleaners_DO NOT DELETE\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msiexec.exe] msiconf.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.1.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O20 - AppInit_DLLs: xotygq.dll vqiigs.dll O20 - Winlogon Notify: cbXpOGvU - cbXpOGvU.dll (file missing) O21 - SSODL: UpdateCheck - {F2D107A2-FCAE-4F97-B3F2-338DDECCB93F} - C:\WINDOWS\system32\mstmdm.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IMSafer Live (ImSaferLive) - Crisp Thinking - C:\Program Files\IMSafer\bin\imslive.exe O23 - Service: IMSafer (ImSaferService) - Crisp Thinking - C:\Program Files\IMSafer\bin\imsc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 13024 bytes
  3. This has happened two nights in a row....eset scan is running for 3 hours or so, then poof, all IE browser windows close. Poof there goes the scan and another 3 hours of my life.... Is this normal, or is there something else happening on this computer? I'll post another HJT log. Thanks. Scott
  4. Does the eset scan cause the browser windows to close? Does this scan create a log? Thanks.
  5. Here is the HJT log. I also ran Spybot S&D, but it does not create a log. For some reason I am unable to run Panda Active Scan on this computer (some problem with updating)...so I am currently running ESET scan. Will post that log when it is completed. Thanks again. Scott _________________________________________________ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:07:50 AM, on 1/1/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\hphmon06.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AIM6\aim6.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\ALCMTR.EXE C:\Program Files\IMSafer\bin\imslive.exe C:\Program Files\IMSafer\bin\imsc.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\AIM6\aolsoftware.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\windows\system\hpsysdrv.exe C:\Documents and Settings\HP_Administrator\Desktop\Crap Cleaners_DO NOT DELETE\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msiexec.exe] msiconf.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.1.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O20 - AppInit_DLLs: xotygq.dll vqiigs.dll O20 - Winlogon Notify: cbXpOGvU - cbXpOGvU.dll (file missing) O21 - SSODL: UpdateCheck - {F2D107A2-FCAE-4F97-B3F2-338DDECCB93F} - C:\WINDOWS\system32\mstmdm.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IMSafer Live (ImSaferLive) - Crisp Thinking - C:\Program Files\IMSafer\bin\imslive.exe O23 - Service: IMSafer (ImSaferService) - Crisp Thinking - C:\Program Files\IMSafer\bin\imsc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 13250 bytes
  6. Panda Active Scan runs fine on one of my XP computers, but when I attempt to run it on the other, I get a message saying "Sorry, updating is incomplete due to an error. Please try again." I try again...and again...and again...but it never updates; thus I can't get a Panda scan. Any ideas? Thanks.
  7. I have run MBAM multiple times (after successfully updating the db), Spybot S&D, installed XP SP3 and all available Windows updates. I thought that I had eradicated the trojans that had infected the PC - but now it appears that it was not completly cured. I can not find the logs for Spybot - any ideas? I am preparing to run the Panda Activscan, in the meanwhile, here is the latest MBAM log. Thanks again, you guys are the best!!! Scott <-----Begin MBAM Log-----> Malwarebytes' Anti-Malware 1.31 Database version: 1589 Windows 5.1.2600 Service Pack 3 1/1/2009 10:49:00 AM mbam-log-2009-01-01 (10-49-00).txt Scan type: Quick Scan Objects scanned: 75475 Time elapsed: 16 minute(s), 2 second(s) Memory Processes Infected: 0 Memory Modules Infected: 1 Registry Keys Infected: 8 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 17 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: C:\WINDOWS\system32\vqiigs.dll (Trojan.Vundo) -> Delete on reboot. Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{6afa030c-d68e-435d-a247-30c6f002d356} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6afa030c-d68e-435d-a247-30c6f002d356} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6afa030c-d68e-435d-a247-30c6f002d356} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\vqiigs.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\qxeojxyp.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekarquwkkda.dll (Trojan.Seneka) -> Delete on reboot. C:\WINDOWS\system32\wvUnKCTm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temp\winsinstall.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temporary Internet Files\Content.IE5\2HIL3PA9\apstpldr.dll[1].htm (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temporary Internet Files\Content.IE5\2HIL3PA9\winsinstall[1].exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temporary Internet Files\Content.IE5\I8FZS5QI\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temporary Internet Files\Content.IE5\3UWDZOZ6\divx[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekajixetlwb.dll (Trojan.Agent) -> Delete on reboot. C:\WINDOWS\system32\senekariomupth.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekadf.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\seneka.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekalog.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\seneka.sys (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\senekauwswmqlx.sys (Trojan.Agent) -> Delete on reboot. C:\WINDOWS\system32\msiconf.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <-----End MBAM Log----->
  8. Exile360 - like I said, you guys are fantastic. Thanks so much for your work and commitment to thwarting malware. My next move is to purchase the PRO version!!! I have attached the log from MBAM. Once MBAM ran successfully, I then ran Spybot S&D. However, there is no log file (??????) Anyway, thanks again - you guys ROCK!!! mbam_log_2008_12_26__21_54_22_.txt mbam_log_2008_12_26__21_54_22_.txt
  9. With your help, I was able to successfully disinfect one of my computers but the other one is being very stubborn. I was able to download and install Spybot S&D - but it won't run. I can see it in Processes but it never gets any CPU time. I was able to download MBAM but the installation won't run - again, I can see it in Processes but it never gets any CPU time. Any ideas. Thanks - you guys are fantastic! Scott
  10. Here are the logs. I look forward to your reply. Thank you so much. MBAM Malwarebytes' Anti-Malware 1.31 Database version: 1543 Windows 5.1.2600 Service Pack 3 12/25/2008 12:35:15 PM mbam-log-2008-12-25 (12-35-15).txt Scan type: Quick Scan Objects scanned: 122703 Time elapsed: 46 minute(s), 32 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 2 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSFox (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\Tracey\Local Settings\Temp\a.exe (Trojan.FakeAlert) -> Delete on reboot. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpa.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpc.exe (Trojan.FakeAlert) -> Delete on reboot. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpe.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. <---------- end of log ---------> Panda ActiveScan ;******************************************************************************* ******************************************************************************** * ******************* ANALYSIS: 2008-12-25 21:43:49 PROTECTIONS: 2 MALWARE: 119 SUSPECTS: 11 ;******************************************************************************* ******************************************************************************** * ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================ = =================== McAfee Internet Security Suite 2007 9.0 No Yes McAfee VirusScan Plus 13.0 No No ;=============================================================================== ================================================================================ = =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================ = =================== 00003992 spyware/adclicker Spyware No 1 Yes No c:\windows\usta33.ini 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\spidersidebar 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\mirrorunder 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\contextsidebar 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\urlsidebar 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\ronsidebar 00027660 adware/savenow Adware No 0 Yes No c:\documents and settings\all users\application data\nsv 00029007 adware/tvmedia Adware No 0 Yes No c:\windows\bundles 00029767 adware/delfinmedia Adware No 1 Yes No hkey_local_machine\software\picsvr 00029767 adware/delfinmedia Adware No 1 Yes No c:\documents and settings\all users\application data\picsvr 00029767 adware/delfinmedia Adware No 1 Yes No hkey_local_machine\software\skin 00029767 adware/delfinmedia Adware No 1 Yes No c:\windows\system32\vmss 00029767 adware/delfinmedia Adware No 1 Yes No c:\windows\system32\picsvr 00029767 adware/delfinmedia Adware No 1 Yes No hkey_current_user\software\picsvr 00032724 adware/portalscan Adware No 0 Yes No hkey_current_user\software\aun 00039204 adware/cws Adware No 0 Yes No c:\documents and settings\tracey\favorites\health 00039209 adware/virtualbouncer Adware No 0 Yes No c:\documents and settings\all users\application data\vbouncer 00040067 spyware/shopnav Spyware No 1 Yes No hkey_classes_root\clsid\{0007522a-2297-43c1-8eb1-c90b0ff20da5} 00040067 spyware/shopnav Spyware No 1 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{0007522A-2297-43C1-8EB1-C90B0FF20DA5} 00041446 application/myway HackTools No 0 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{014DA6C7-189F-421A-88CD-07CFE51CFF10} 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.netscapeshutdown.1 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.netscapeshutdown 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\clsid\{014da6c7-189f-421a-88cd-07cfe51cff10} 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.netscapestartup.1 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.netscapestartup 00043761 adware/addestroyer Adware No 0 Yes No c:\documents and settings\all users\application data\addestroyer 00045952 spyware/media-motor Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\media-motor 00047863 adware/ieplugin Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\{2cde1a7d-a478-4291-bf31-e1b4c16f92eb} 00047863 adware/ieplugin Adware No 0 Yes No c:\windows\kwv2.dat 00048239 adware/adlogix Adware No 0 Yes No hkey_local_machine\software\securewin 00093000 Spyware/Apropos Spyware No 1 Yes No C:\Documents and Settings\Taylor\Local Settings\Temp\AutoUpdate0\setup.inf 00120326 Adware/AdLogix Adware No 0 No No C:\Documents and Settings\Amber\Local Settings\Temp\adlinstallwin32.exe[modgxyz.exe] 00120328 Adware/AdLogix Adware No 0 No No C:\Documents and Settings\Amber\Local Settings\Temp\adlinstallwin32.exe[adstartup.exe] 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@trafficmp[1].txt 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@trafficmp[3].txt] 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@trafficmp[1].txt] 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@trafficmp[1].txt 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@casalemedia[2].txt 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@casalemedia[1].txt] 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@casalemedia[1].txt 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@casalemedia[3].txt] 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14B.tmp 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7C.tmp 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick1.zip[tracey@doubleclick[3].txt] 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick.zip[tracey@doubleclick[1].txt] 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq76.tmp 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc3.zip[tracey@atdmt[2].txt] 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc.zip[tracey@atdmt[3].txt] 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@atdmt[2].txt 00142038 adware/comedy-planet Adware No 0 Yes No hkey_classes_root\joke 00142038 adware/comedy-planet Adware No 0 Yes No hkey_local_machine\software\classes\joke 00142038 adware/comedy-planet Adware No 0 Yes No c:\program files\comedy-planet 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@tradedoubler[2].txt] 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@tradedoubler[1].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@247realmedia[2].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@247realmedia[2].txt] 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq73.tmp 00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq77.tmp 00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bfast[2].txt] 00145454 Cookie/Centralmedia TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@centralmedia[2].txt 00145454 Cookie/Centralmedia TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@centralmedia[2].txt 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14C.tmp 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick.zip[tracey@fastclick[2].txt] 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@fastclick[2].txt 00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq82.tmp 00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14F.tmp 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@tribalfusion[1].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@tribalfusion[3].txt] 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@tribalfusion[2].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@tribalfusion[2].txt] 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq154.tmp 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@tribalfusion[2].txt] 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@mediaplex[1].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq80.tmp 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@mediaplex[2].txt] 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@mediaplex[1].txt 00145758 Cookie/Mysearch TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Local Settings\Temp\Cookies\amber@mysearch[2].txt 00145758 Cookie/Mysearch TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@mysearch[2].txt 00145758 Cookie/Mysearch TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@mysearch[1].txt 00145770 Cookie/CentrPort TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@centrport[1].txt] 00145770 Cookie/CentrPort TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq79.tmp 00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@linksynergy[1].txt 00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@anm.co[2].txt] 00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@clickbank[2].txt] 00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq149.tmp 00149064 Cookie/Maxserving TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@maxserving[1].txt] 00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@ccbill[1].txt 00152401 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@belnk[1].txt] 00152401 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@belnk[2].txt] 00157143 Cookie/MyWay TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@www.xzoomy[2].txt 00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAD.tmp 00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@revenue[2].txt] 00162730 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@dist.belnk[1].txt] 00162730 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@dist.belnk[2].txt] 00165384 Cookie/DelfinMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@delfinproject[1].txt] 00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www.myaffiliateprogram[2].txt] 00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@www.myaffiliateprogram[2].txt] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7A.tmp 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@com[2].txt] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@com[2].txt] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA5.tmp 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@com[1].txt] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@com[1].txt] 00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@yadro[2].txt] 00167659 Cookie/TeensForCash TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@teensforcash[2].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@xiti[1].txt] 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@xiti[1].txt 00167708 Cookie/GoStats TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@c2.gostats[2].txt] 00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@fe.lea.lycos[1].txt 00167714 Cookie/64.62.232 TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@64.62.232[1].txt 00167733 Cookie/Adserver TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAF.tmp 00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@gostats[1].txt] 00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@gostats[1].txt] 00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@gostats[2].txt 00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@azjmp[2].txt] 00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@azjmp[2].txt] 00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@azjmp[1].txt 00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@azjmp[2].txt 00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@toplist[1].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@statcounter[1].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@statcounter[2].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@statcounter[1].txt] 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@statcounter[3].txt] 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq150.tmp 00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink1.zip[tracey@counter.hitslink[1].txt] 00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7F.tmp 00167774 Cookie/web-stat TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@www.web-stat[2].txt] 00167774 Cookie/web-stat TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www.web-stat[2].txt] 00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@perf.overture[1].txt] 00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@perf.overture[1].txt] 00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@perf.overture[1].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@ad.yieldmanager[2].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@ad.yieldmanager[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@ad.yieldmanager[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@ad.yieldmanager[2].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ad.yieldmanager[2].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@ad.yieldmanager[2].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ad.yieldmanager[5].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@ad.yieldmanager[2].txt] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@apmebf[1].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@apmebf[3].txt] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer2.zip[tracey@apmebf[2].txt] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@apmebf[1].txt] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@apmebf[1].txt 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@burstnet[1].txt] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@burstnet[2].txt] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA4.tmp 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq78.tmp 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@burstnet[1].txt] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@burstnet[2].txt] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@burstnet[2].txt 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@burstnet[2].txt] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@serving-sys[3].txt] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@serving-sys[2].txt] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@serving-sys[2].txt] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bs.serving-sys[2].txt] 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bs.serving-sys[1].txt] 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@bs.serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@bs.serving-sys[1].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@bs.serving-sys[2].txt 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www.burstbeacon[1].txt] 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@www.burstbeacon[1].txt] 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@www.burstbeacon[1].txt] 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@www.burstbeacon[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adtech[1].txt] 00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@server.iad.liveperson[3].txt] 00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@stat.onestat[2].txt] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom.zip[tracey@advertising[2].txt] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq75.tmp 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom2.zip[tracey@advertising[1].txt] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq148.tmp 00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@media.adrevolver[3].txt] 00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@media.adrevolver[4].txt] 00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@media.adrevolver[3].txt 00170087 Cookie/Hbmediapro TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@adopt.hbmediapro[1].txt 00170087 Cookie/Hbmediapro TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@adopt.hbmediapro[2].txt] 00170087 Cookie/Hbmediapro TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@adopt.hbmediapro[1].txt 00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@statse.webtrendslive[1].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ads.pointroll[3].txt] 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@ads.pointroll[2].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ads.pointroll[1].txt] 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@ads.pointroll[1].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@ads.pointroll[1].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@ads.pointroll[1].txt] 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@ads.pointroll[1].txt] 00170550 Cookie/Humanclick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8B.tmp 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@overture[2].txt] 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@overture[2].txt 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@realmedia[1].txt] 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@realmedia[2].txt 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14E.tmp 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@realmedia[2].txt] 00170557 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@terra.com[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@questionmarket[2].txt] 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@questionmarket[3].txt] 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer2.zip[tracey@questionmarket[1].txt] 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@questionmarket[2].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq81.tmp 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@questionmarket[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAB.tmp 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@questionmarket[1].txt] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@zedo[2].txt 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq151.tmp 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@zedo[2].txt] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@zedo[1].txt 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@zedo[1].txt] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@zedo[2].txt] 00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@888[2].txt 00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@888[2].txt 00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@cassava[1].txt 00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@cassava[1].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq87.tmp 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@bluestreak[1].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bluestreak[2].txt] 00173905 Cookie/Xmts TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@xmts[1].txt 00182104 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@phg.hitbox[1].txt 00182104 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox6.zip[tracey@phg.hitbox[2].txt] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adrevolver[2].txt] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@adrevolver[1].txt 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adrevolver[1].txt] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@adrevolver[2].txt] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@adrevolver[1].txt 00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bravenet[2].txt] 00187951 Cookie/seeqA TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www.seeq[2].txt] 00188480 Cookie/Paypopup TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@paypopup[1].txt] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adultfriendfinder[2].txt] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Local Settings\Temp\Cookies\scott@go[1].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@go[2].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@go[2].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@go[1].txt] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@go[1].txt] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@go[2].txt] 00196960 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@ath.belnk[2].txt] 00199981 Cookie/Seeq TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@www48.seeq[1].txt] 00199981 Cookie/Seeq TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www48.seeq[1].txt] 00199982 Cookie/Buydomains TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www47.buydomains[1].txt] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@searchportal.information[2].txt] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@searchportal.information[1].txt] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@searchportal.information[1].txt] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@searchportal.information[1].txt] 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@target[2].txt 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@target[1].txt 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@target[1].txt] 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@target[3].txt] 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@target[2].txt] 00207712 Cookie/360i TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@ct.360i[1].txt] 00207712 Cookie/360i TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@ct.360i[2].txt] 00207712 Cookie/360i TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@ct.360i[2].txt] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@did-it[1].txt 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@did-it[1].txt] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@did-it[1].txt] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@did-it[2].txt] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@did-it[1].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adviva[1].txt] 00213141 Cookie/GoStats TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@c3.gostats[2].txt] 00213141 Cookie/GoStats TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@c3.gostats[2].txt 00215545 Cookie/Bettersearch TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@index[2].txt] 00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Local Settings\Temp\Cookies\amber@i.screensavers[2].txt 00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@i.screensavers[1].txt 00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@i.screensavers[2].txt] 00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@i.screensavers[1].txt 00248163 Adware/TopRebates Adware No 0 Yes No C:\WINDOWS\Downloaded Program Files\MyPointsPointAlert_InstallSilent.inf 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer2.zip[tracey@atwola[1].txt] 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@atwola[1].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@atwola[2].txt] 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@atwola[1].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@atwola[1].txt] 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@atwola[1].txt] 00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Visitors\Cookies\visitors@www.errorsafe[1].txt 00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Visitors\Cookies\visitors@errorsafe[2].txt 00286732 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@www3.addfreestats[2].txt] 00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@www1.addfreestats[1].txt] 00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@www1.addfreestats[1].txt 00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7D.tmp 00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox14.zip[tracey@ehg-dig.hitbox[1].txt] 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ads.addynamix[2].txt] 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@ads.addynamix[1].txt 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@ads.addynamix[1].txt] 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@citi.bridgetrack[1].txt] 00505449 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Documents and Settings\Visitors\Cookies\visitors@winantispyware[2].txt 00505449 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@winantispyware[2].txt] 00647779 Adware/AdLogix Adware No 0 No No C:\Documents and Settings\Amber\Local Settings\Temp\adlinstallwin32.exe[sWin32.dll] 00788331 Adware/AdLogix Adware No 0 No No C:\Documents and Settings\Amber\Local Settings\Temp\adlinstallwin32.exe[adupdater.exe] 01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@enhance[2].txt] 01260840 Trj/Downloader.PME Virus/Trojan No 1 Yes No C:\Documents and Settings\Amber\Local Settings\Application Data\Wildtangent\Cdacache\00\00\0B.dat 01260840 Trj/Downloader.PME Virus/Trojan No 1 Yes No C:\Documents and Settings\Amber\Local Settings\Temp\CDASilentInstall0500.exe 02908816 Cookie/Starware TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@h.starware[1].txt] 03571250 Adware/WebSearch Adware No 0 No No C:\Program Files\VMN Toolbox 4\vmntoolbar\vmntoolbarsetup.exe[
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.