slappywhite62
Members-
Posts
14 -
Joined
-
Last visited
Reputation
0 Neutral-
MBAM Log Malwarebytes' Anti-Malware 1.33 Database version: 1666 Windows 5.1.2600 Service Pack 3 01/18/2009 2:22:08 PM mbam-log-2009-01-18 (14-22-08).txt Scan type: Quick Scan Objects scanned: 98143 Time elapsed: 23 minute(s), 29 second(s) Memory Processes Infected: 1 Memory Modules Infected: 1 Registry Keys Infected: 2 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 6 Memory Processes Infected: C:\WINDOWS\SYSTEM32\DRIVERS\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully. Memory Modules Infected: C:\Documents and Settings\Tracey\Application Data\Google\kplalk.dll (Trojan.FakeAlert) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\SYSTEM32\DRIVERS\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\TDSSlxwp.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Tracey\Application Data\Google\kplalk.dll (Trojan.FakeAlert) -> Delete on reboot. C:\Documents and Settings\Tracey\Application Data\Google\cijwg16225165.exe (Trojan.FakeAlert) -> Delete on reboot. C:\Documents and Settings\Tracey\Local Settings\Temp\TDSSdf99.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\TDSStkdu.log (Trojan.TDSS) -> Quarantined and deleted successfully. <......end log.....> HJT Log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:38:35 PM, on 01/18/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\IMSafer\bin\imslive.exe C:\Program Files\IMSafer\bin\imsc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\BCMSMMSG.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Dell\Media Experience\PCMService.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\WINDOWS\System32\ezSP_Px.exe C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Yahoo!\YOP\yop.exe C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Tracey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe C:\Program Files\CASIO\Photo Loader\Plauto.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Documents and Settings\Tracey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Tracey\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe c:\PROGRA~1\mcafee\msc\mcupdui.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O2 - BHO: IE7pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn6\yt.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [hplampc] C:\WINDOWS\system32\hplampc.exe O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [iPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart O4 - HKLM\..\Run: [iPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe" O4 - HKLM\..\Run: [iPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [realteke] "C:\Documents and Settings\Tracey\Application Data\Google\cijwg16225165.exe" 2 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tracey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe O4 - Global Startup: VMN Toolbox 4.lnk = C:\Program Files\VMN Toolbox 4\toolbox.exe O4 - Global Startup: YouTube Uploader for CASIO.lnk = C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: MyPoints - file://C:\Program Files\MyPoints_PointAlert\Sy800\Tp800\scri800a.htm O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Point Alert - {67B50696-04BA-48ea-A697-28AA0EAA9C26} - file://C:\Program Files\MyPoints_PointAlert\Sy800\Tp800\scri800a.htm (HKCU) O9 - Extra button: (no name) - {F2B441CC-E026-47fb-BDC3-A07750FA3D2C} - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm (file missing) (HKCU) O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - http://www.stonyfield.com/coupons/scriptX/smsx.cab O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/US/install.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-24-0.cab O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/instal...llMgr_v01_5.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/..._2/axofupld.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://onlinedesigner.hgtv.com/images/app/view22rte.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downloads/g...GameManager.cab O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.shockwave.com/content/feedingfr...outLauncher.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - http://www.trueswitch.com/sbc/TrueInstallSBC.exe O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: DUOKGHMXBYVMO - Sonic Solutions - (no file) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IMSafer Live (ImSaferLive) - Crisp Thinking - C:\Program Files\IMSafer\bin\imslive.exe O23 - Service: IMSafer (ImSaferService) - Crisp Thinking - C:\Program Files\IMSafer\bin\imsc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE -- End of file - 17192 bytes
-
IE Browser windows closing
slappywhite62 replied to slappywhite62's topic in General Windows PC Help
Thanks. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:21:32 PM, on 1/2/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\hphmon06.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\HP\KBD\KBD.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\IMSafer\bin\imslive.exe C:\Program Files\IMSafer\bin\imsc.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\WINDOWS\SOUNDMAN.EXE c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\ALCMTR.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\AGRSMMSG.exe c:\windows\system\hpsysdrv.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\HP_Administrator\Desktop\Crap Cleaners_DO NOT DELETE\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msiexec.exe] msiconf.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.1.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O20 - AppInit_DLLs: xotygq.dll vqiigs.dll O20 - Winlogon Notify: cbXpOGvU - cbXpOGvU.dll (file missing) O21 - SSODL: UpdateCheck - {F2D107A2-FCAE-4F97-B3F2-338DDECCB93F} - C:\WINDOWS\system32\mstmdm.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IMSafer Live (ImSaferLive) - Crisp Thinking - C:\Program Files\IMSafer\bin\imslive.exe O23 - Service: IMSafer (ImSaferService) - Crisp Thinking - C:\Program Files\IMSafer\bin\imsc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 13024 bytes -
IE Browser windows closing
slappywhite62 replied to slappywhite62's topic in General Windows PC Help
This has happened two nights in a row....eset scan is running for 3 hours or so, then poof, all IE browser windows close. Poof there goes the scan and another 3 hours of my life.... Is this normal, or is there something else happening on this computer? I'll post another HJT log. Thanks. Scott -
Does the eset scan cause the browser windows to close? Does this scan create a log? Thanks.
-
MBAM Log - please review and advise
slappywhite62 replied to slappywhite62's topic in Resolved Malware Removal Logs
Here is the HJT log. I also ran Spybot S&D, but it does not create a log. For some reason I am unable to run Panda Active Scan on this computer (some problem with updating)...so I am currently running ESET scan. Will post that log when it is completed. Thanks again. Scott _________________________________________________ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:07:50 AM, on 1/1/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\hphmon06.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AIM6\aim6.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\ALCMTR.EXE C:\Program Files\IMSafer\bin\imslive.exe C:\Program Files\IMSafer\bin\imsc.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\AIM6\aolsoftware.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\windows\system\hpsysdrv.exe C:\Documents and Settings\HP_Administrator\Desktop\Crap Cleaners_DO NOT DELETE\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msiexec.exe] msiconf.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.1.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O20 - AppInit_DLLs: xotygq.dll vqiigs.dll O20 - Winlogon Notify: cbXpOGvU - cbXpOGvU.dll (file missing) O21 - SSODL: UpdateCheck - {F2D107A2-FCAE-4F97-B3F2-338DDECCB93F} - C:\WINDOWS\system32\mstmdm.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IMSafer Live (ImSaferLive) - Crisp Thinking - C:\Program Files\IMSafer\bin\imslive.exe O23 - Service: IMSafer (ImSaferService) - Crisp Thinking - C:\Program Files\IMSafer\bin\imsc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 13250 bytes -
Panda Active Scan won't update
slappywhite62 replied to slappywhite62's topic in General Windows PC Help
Will do. Thanks. Scott -
Panda Active Scan runs fine on one of my XP computers, but when I attempt to run it on the other, I get a message saying "Sorry, updating is incomplete due to an error. Please try again." I try again...and again...and again...but it never updates; thus I can't get a Panda scan. Any ideas? Thanks.
-
MBAM Logs - Resolution of SpywareGuard 2008
slappywhite62 replied to slappywhite62's topic in General Windows PC Help
Exile360 - Thanks for your reply. -
I have run MBAM multiple times (after successfully updating the db), Spybot S&D, installed XP SP3 and all available Windows updates. I thought that I had eradicated the trojans that had infected the PC - but now it appears that it was not completly cured. I can not find the logs for Spybot - any ideas? I am preparing to run the Panda Activscan, in the meanwhile, here is the latest MBAM log. Thanks again, you guys are the best!!! Scott <-----Begin MBAM Log-----> Malwarebytes' Anti-Malware 1.31 Database version: 1589 Windows 5.1.2600 Service Pack 3 1/1/2009 10:49:00 AM mbam-log-2009-01-01 (10-49-00).txt Scan type: Quick Scan Objects scanned: 75475 Time elapsed: 16 minute(s), 2 second(s) Memory Processes Infected: 0 Memory Modules Infected: 1 Registry Keys Infected: 8 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 17 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: C:\WINDOWS\system32\vqiigs.dll (Trojan.Vundo) -> Delete on reboot. Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{6afa030c-d68e-435d-a247-30c6f002d356} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6afa030c-d68e-435d-a247-30c6f002d356} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6afa030c-d68e-435d-a247-30c6f002d356} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\vqiigs.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\qxeojxyp.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekarquwkkda.dll (Trojan.Seneka) -> Delete on reboot. C:\WINDOWS\system32\wvUnKCTm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temp\winsinstall.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temporary Internet Files\Content.IE5\2HIL3PA9\apstpldr.dll[1].htm (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temporary Internet Files\Content.IE5\2HIL3PA9\winsinstall[1].exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temporary Internet Files\Content.IE5\I8FZS5QI\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Ambers IPOD\Local Settings\Temporary Internet Files\Content.IE5\3UWDZOZ6\divx[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekajixetlwb.dll (Trojan.Agent) -> Delete on reboot. C:\WINDOWS\system32\senekariomupth.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekadf.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\seneka.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekalog.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\seneka.sys (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\senekauwswmqlx.sys (Trojan.Agent) -> Delete on reboot. C:\WINDOWS\system32\msiconf.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <-----End MBAM Log----->
-
Exile360 - like I said, you guys are fantastic. Thanks so much for your work and commitment to thwarting malware. My next move is to purchase the PRO version!!! I have attached the log from MBAM. Once MBAM ran successfully, I then ran Spybot S&D. However, there is no log file (??????) Anyway, thanks again - you guys ROCK!!! mbam_log_2008_12_26__21_54_22_.txt mbam_log_2008_12_26__21_54_22_.txt
-
With your help, I was able to successfully disinfect one of my computers but the other one is being very stubborn. I was able to download and install Spybot S&D - but it won't run. I can see it in Processes but it never gets any CPU time. I was able to download MBAM but the installation won't run - again, I can see it in Processes but it never gets any CPU time. Any ideas. Thanks - you guys are fantastic! Scott
-
Here are the logs. I look forward to your reply. Thank you so much. MBAM Malwarebytes' Anti-Malware 1.31 Database version: 1543 Windows 5.1.2600 Service Pack 3 12/25/2008 12:35:15 PM mbam-log-2008-12-25 (12-35-15).txt Scan type: Quick Scan Objects scanned: 122703 Time elapsed: 46 minute(s), 32 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 2 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSFox (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\Tracey\Local Settings\Temp\a.exe (Trojan.FakeAlert) -> Delete on reboot. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpa.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpc.exe (Trojan.FakeAlert) -> Delete on reboot. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Tracey\Local Settings\Temp\~tmpe.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. <---------- end of log ---------> Panda ActiveScan ;******************************************************************************* ******************************************************************************** * ******************* ANALYSIS: 2008-12-25 21:43:49 PROTECTIONS: 2 MALWARE: 119 SUSPECTS: 11 ;******************************************************************************* ******************************************************************************** * ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================ = =================== McAfee Internet Security Suite 2007 9.0 No Yes McAfee VirusScan Plus 13.0 No No ;=============================================================================== ================================================================================ = =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================ = =================== 00003992 spyware/adclicker Spyware No 1 Yes No c:\windows\usta33.ini 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\spidersidebar 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\mirrorunder 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\contextsidebar 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\urlsidebar 00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\ronsidebar 00027660 adware/savenow Adware No 0 Yes No c:\documents and settings\all users\application data\nsv 00029007 adware/tvmedia Adware No 0 Yes No c:\windows\bundles 00029767 adware/delfinmedia Adware No 1 Yes No hkey_local_machine\software\picsvr 00029767 adware/delfinmedia Adware No 1 Yes No c:\documents and settings\all users\application data\picsvr 00029767 adware/delfinmedia Adware No 1 Yes No hkey_local_machine\software\skin 00029767 adware/delfinmedia Adware No 1 Yes No c:\windows\system32\vmss 00029767 adware/delfinmedia Adware No 1 Yes No c:\windows\system32\picsvr 00029767 adware/delfinmedia Adware No 1 Yes No hkey_current_user\software\picsvr 00032724 adware/portalscan Adware No 0 Yes No hkey_current_user\software\aun 00039204 adware/cws Adware No 0 Yes No c:\documents and settings\tracey\favorites\health 00039209 adware/virtualbouncer Adware No 0 Yes No c:\documents and settings\all users\application data\vbouncer 00040067 spyware/shopnav Spyware No 1 Yes No hkey_classes_root\clsid\{0007522a-2297-43c1-8eb1-c90b0ff20da5} 00040067 spyware/shopnav Spyware No 1 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{0007522A-2297-43C1-8EB1-C90B0FF20DA5} 00041446 application/myway HackTools No 0 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{014DA6C7-189F-421A-88CD-07CFE51CFF10} 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.netscapeshutdown.1 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.netscapeshutdown 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\clsid\{014da6c7-189f-421a-88cd-07cfe51cff10} 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.netscapestartup.1 00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.netscapestartup 00043761 adware/addestroyer Adware No 0 Yes No c:\documents and settings\all users\application data\addestroyer 00045952 spyware/media-motor Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\media-motor 00047863 adware/ieplugin Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\{2cde1a7d-a478-4291-bf31-e1b4c16f92eb} 00047863 adware/ieplugin Adware No 0 Yes No c:\windows\kwv2.dat 00048239 adware/adlogix Adware No 0 Yes No hkey_local_machine\software\securewin 00093000 Spyware/Apropos Spyware No 1 Yes No C:\Documents and Settings\Taylor\Local Settings\Temp\AutoUpdate0\setup.inf 00120326 Adware/AdLogix Adware No 0 No No C:\Documents and Settings\Amber\Local Settings\Temp\adlinstallwin32.exe[modgxyz.exe] 00120328 Adware/AdLogix Adware No 0 No No C:\Documents and Settings\Amber\Local Settings\Temp\adlinstallwin32.exe[adstartup.exe] 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@trafficmp[1].txt 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@trafficmp[3].txt] 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@trafficmp[1].txt] 00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@trafficmp[1].txt 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@casalemedia[2].txt 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@casalemedia[1].txt] 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@casalemedia[1].txt 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@casalemedia[3].txt] 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14B.tmp 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7C.tmp 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick1.zip[tracey@doubleclick[3].txt] 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick.zip[tracey@doubleclick[1].txt] 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq76.tmp 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc3.zip[tracey@atdmt[2].txt] 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc.zip[tracey@atdmt[3].txt] 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@atdmt[2].txt 00142038 adware/comedy-planet Adware No 0 Yes No hkey_classes_root\joke 00142038 adware/comedy-planet Adware No 0 Yes No hkey_local_machine\software\classes\joke 00142038 adware/comedy-planet Adware No 0 Yes No c:\program files\comedy-planet 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@tradedoubler[2].txt] 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@tradedoubler[1].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@247realmedia[2].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@247realmedia[2].txt] 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq73.tmp 00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq77.tmp 00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bfast[2].txt] 00145454 Cookie/Centralmedia TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@centralmedia[2].txt 00145454 Cookie/Centralmedia TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@centralmedia[2].txt 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14C.tmp 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick.zip[tracey@fastclick[2].txt] 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@fastclick[2].txt 00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq82.tmp 00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14F.tmp 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@tribalfusion[1].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@tribalfusion[3].txt] 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@tribalfusion[2].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@tribalfusion[2].txt] 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq154.tmp 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@tribalfusion[2].txt] 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@mediaplex[1].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq80.tmp 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@mediaplex[2].txt] 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@mediaplex[1].txt 00145758 Cookie/Mysearch TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Local Settings\Temp\Cookies\amber@mysearch[2].txt 00145758 Cookie/Mysearch TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@mysearch[2].txt 00145758 Cookie/Mysearch TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@mysearch[1].txt 00145770 Cookie/CentrPort TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@centrport[1].txt] 00145770 Cookie/CentrPort TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq79.tmp 00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@linksynergy[1].txt 00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@anm.co[2].txt] 00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@clickbank[2].txt] 00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq149.tmp 00149064 Cookie/Maxserving TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@maxserving[1].txt] 00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@ccbill[1].txt 00152401 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@belnk[1].txt] 00152401 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@belnk[2].txt] 00157143 Cookie/MyWay TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@www.xzoomy[2].txt 00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAD.tmp 00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@revenue[2].txt] 00162730 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@dist.belnk[1].txt] 00162730 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@dist.belnk[2].txt] 00165384 Cookie/DelfinMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@delfinproject[1].txt] 00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www.myaffiliateprogram[2].txt] 00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@www.myaffiliateprogram[2].txt] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7A.tmp 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@com[2].txt] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@com[2].txt] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA5.tmp 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@com[1].txt] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@com[1].txt] 00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@yadro[2].txt] 00167659 Cookie/TeensForCash TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@teensforcash[2].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@xiti[1].txt] 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@xiti[1].txt 00167708 Cookie/GoStats TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@c2.gostats[2].txt] 00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@fe.lea.lycos[1].txt 00167714 Cookie/64.62.232 TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@64.62.232[1].txt 00167733 Cookie/Adserver TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAF.tmp 00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@gostats[1].txt] 00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@gostats[1].txt] 00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@gostats[2].txt 00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@azjmp[2].txt] 00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@azjmp[2].txt] 00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@azjmp[1].txt 00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@azjmp[2].txt 00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@toplist[1].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@statcounter[1].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@statcounter[2].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@statcounter[1].txt] 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@statcounter[3].txt] 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq150.tmp 00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink1.zip[tracey@counter.hitslink[1].txt] 00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7F.tmp 00167774 Cookie/web-stat TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@www.web-stat[2].txt] 00167774 Cookie/web-stat TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www.web-stat[2].txt] 00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@perf.overture[1].txt] 00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@perf.overture[1].txt] 00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@perf.overture[1].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@ad.yieldmanager[2].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@ad.yieldmanager[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@ad.yieldmanager[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@ad.yieldmanager[2].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ad.yieldmanager[2].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@ad.yieldmanager[2].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ad.yieldmanager[5].txt] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@ad.yieldmanager[2].txt] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@apmebf[1].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@apmebf[3].txt] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer2.zip[tracey@apmebf[2].txt] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@apmebf[1].txt] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@apmebf[1].txt 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@burstnet[1].txt] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@burstnet[2].txt] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA4.tmp 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq78.tmp 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@burstnet[1].txt] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@burstnet[2].txt] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@burstnet[2].txt 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@burstnet[2].txt] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@serving-sys[3].txt] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@serving-sys[2].txt] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@serving-sys[2].txt] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bs.serving-sys[2].txt] 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bs.serving-sys[1].txt] 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@bs.serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@bs.serving-sys[1].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@bs.serving-sys[2].txt 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www.burstbeacon[1].txt] 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@www.burstbeacon[1].txt] 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@www.burstbeacon[1].txt] 00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@www.burstbeacon[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adtech[1].txt] 00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@server.iad.liveperson[3].txt] 00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@stat.onestat[2].txt] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom.zip[tracey@advertising[2].txt] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq75.tmp 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom2.zip[tracey@advertising[1].txt] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq148.tmp 00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@media.adrevolver[3].txt] 00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@media.adrevolver[4].txt] 00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@media.adrevolver[3].txt 00170087 Cookie/Hbmediapro TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@adopt.hbmediapro[1].txt 00170087 Cookie/Hbmediapro TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@adopt.hbmediapro[2].txt] 00170087 Cookie/Hbmediapro TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@adopt.hbmediapro[1].txt 00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@statse.webtrendslive[1].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ads.pointroll[3].txt] 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@ads.pointroll[2].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ads.pointroll[1].txt] 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@ads.pointroll[1].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@ads.pointroll[1].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@ads.pointroll[1].txt] 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@ads.pointroll[1].txt] 00170550 Cookie/Humanclick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8B.tmp 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@overture[2].txt] 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@overture[2].txt 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@realmedia[1].txt] 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@realmedia[2].txt 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq14E.tmp 00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@realmedia[2].txt] 00170557 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@terra.com[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@questionmarket[2].txt] 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@questionmarket[3].txt] 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer2.zip[tracey@questionmarket[1].txt] 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@questionmarket[2].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq81.tmp 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@questionmarket[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAB.tmp 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@questionmarket[1].txt] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@zedo[2].txt 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq151.tmp 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@zedo[2].txt] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@zedo[1].txt 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@zedo[1].txt] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@zedo[2].txt] 00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@888[2].txt 00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@888[2].txt 00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@cassava[1].txt 00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@cassava[1].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq87.tmp 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@bluestreak[1].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bluestreak[2].txt] 00173905 Cookie/Xmts TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@xmts[1].txt 00182104 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@phg.hitbox[1].txt 00182104 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox6.zip[tracey@phg.hitbox[2].txt] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adrevolver[2].txt] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@adrevolver[1].txt 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adrevolver[1].txt] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@adrevolver[2].txt] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@adrevolver[1].txt 00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@bravenet[2].txt] 00187951 Cookie/seeqA TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www.seeq[2].txt] 00188480 Cookie/Paypopup TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@paypopup[1].txt] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adultfriendfinder[2].txt] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Local Settings\Temp\Cookies\scott@go[1].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@go[2].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@go[2].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@go[1].txt] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@go[1].txt] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@go[2].txt] 00196960 Cookie/Belnk TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@ath.belnk[2].txt] 00199981 Cookie/Seeq TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@www48.seeq[1].txt] 00199981 Cookie/Seeq TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www48.seeq[1].txt] 00199982 Cookie/Buydomains TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@www47.buydomains[1].txt] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@searchportal.information[2].txt] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@searchportal.information[1].txt] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@searchportal.information[1].txt] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@searchportal.information[1].txt] 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@target[2].txt 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@target[1].txt 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@target[1].txt] 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@target[3].txt] 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@target[2].txt] 00207712 Cookie/360i TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@ct.360i[1].txt] 00207712 Cookie/360i TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@ct.360i[2].txt] 00207712 Cookie/360i TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@ct.360i[2].txt] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@did-it[1].txt 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@did-it[1].txt] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@did-it[1].txt] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@did-it[2].txt] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@did-it[1].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@adviva[1].txt] 00213141 Cookie/GoStats TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@c3.gostats[2].txt] 00213141 Cookie/GoStats TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@c3.gostats[2].txt 00215545 Cookie/Bettersearch TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@index[2].txt] 00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Local Settings\Temp\Cookies\amber@i.screensavers[2].txt 00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@i.screensavers[1].txt 00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@i.screensavers[2].txt] 00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@i.screensavers[1].txt 00248163 Adware/TopRebates Adware No 0 Yes No C:\WINDOWS\Downloaded Program Files\MyPointsPointAlert_InstallSilent.inf 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer2.zip[tracey@atwola[1].txt] 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@atwola[1].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@atwola[2].txt] 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Scott\Cookies\scott@atwola[1].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@atwola[1].txt] 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer.zip[tracey@atwola[1].txt] 00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Visitors\Cookies\visitors@www.errorsafe[1].txt 00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Visitors\Cookies\visitors@errorsafe[2].txt 00286732 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@www3.addfreestats[2].txt] 00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@www1.addfreestats[1].txt] 00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Taylor\Cookies\taylor@www1.addfreestats[1].txt 00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7D.tmp 00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox14.zip[tracey@ehg-dig.hitbox[1].txt] 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@ads.addynamix[2].txt] 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Amber\Cookies\amber@ads.addynamix[1].txt 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer3.zip[tracey@ads.addynamix[1].txt] 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer5.zip[tracey@citi.bridgetrack[1].txt] 00505449 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Documents and Settings\Visitors\Cookies\visitors@winantispyware[2].txt 00505449 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@winantispyware[2].txt] 00647779 Adware/AdLogix Adware No 0 No No C:\Documents and Settings\Amber\Local Settings\Temp\adlinstallwin32.exe[sWin32.dll] 00788331 Adware/AdLogix Adware No 0 No No C:\Documents and Settings\Amber\Local Settings\Temp\adlinstallwin32.exe[adupdater.exe] 01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer7.zip[tracey@enhance[2].txt] 01260840 Trj/Downloader.PME Virus/Trojan No 1 Yes No C:\Documents and Settings\Amber\Local Settings\Application Data\Wildtangent\Cdacache\00\00\0B.dat 01260840 Trj/Downloader.PME Virus/Trojan No 1 Yes No C:\Documents and Settings\Amber\Local Settings\Temp\CDASilentInstall0500.exe 02908816 Cookie/Starware TrackingCookie No 0 Yes No C:\Program Files\Spybot - Search & Destroy 1.1\Recovery\InternetExplorer4.zip[tracey@h.starware[1].txt] 03571250 Adware/WebSearch Adware No 0 No No C:\Program Files\VMN Toolbox 4\vmntoolbar\vmntoolbarsetup.exe[