Jump to content

Funbar 1.01 Removal


Joe
 Share

Recommended Posts

Thanks Jean for the info. My add and remove program files will not remove it but here are the results of the hijack this scan

Logfile of HijackThis v1.99.1

Scan saved at 3:10:34 PM, on 24/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\System32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\brss01a.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\SYSTEM32\Brmfrmps.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\wanmpsvc.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\DSentry.exe

C:\Program Files\Dell\Media Experience\PCMService.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Scansoft\PaperPort\pptd40nt.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: (no name) - {293FEEA7-B478-5F23-F8C1-A2327C5CFF24} - C:\DOCUME~1\1312ET~1\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: (no name) - {72FC1B01-29A6-5B7B-AEF8-B9D4B88967E8} - C:\DOCUME~1\Pulak\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: (no name) - {C595C8ED-0950-9D59-3911-B207453FDC12} - C:\DOCUME~1\Pulak\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O3 - Toolbar: FunBar - {2CA511C5-C677-4e33-A018-EADF07E08299} - C:\PROGRA~1\FUNBAR~1.01\funbar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"

O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [five mail rdr link] C:\Documents and Settings\All Users\Application Data\Chic intra five mail\PART HOLD.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKCU\..\Run: [MSKAGENTEXE] c:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: AOL 8.0 Tray Icon.lnk = C:\Program Files\AOL 8.0\aoltray.exe

O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: SmartUI.lnk = ?

O4 - Global Startup: TELUS eCare.lnk = C:\Program Files\TELUS eCare\bin\matcli.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://gsn.worldwinner.com/games/v46/share...GamesLoader.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab

O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\SYSTEM32\Brmfrmps.exe" -service (file missing)

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Thanks for your help

Joe

Link to post
Share on other sites

  • Root Admin

Hi there Joe,

Please download, install, and update AVG Anti-Spyware (http://www.ewido.net/en/download/)

Load AVG Anti-Spyware and then click the "Update" tab at the top. Under Manual Update click Start update.

After the update finishes (the status bar at the bottom will display "Update successful")

Click on the "Scanner" tab at the top and then click on "Complete System Scan".

  • AVG Anti-Spyware will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. AVG Anti-Spyware will display "All actions have been applied" on the right hand side.
  • Click on Save Report, then Save Report As. This will create a text file. Make sure you save this file where you can find this it again (like on the Desktop).

Restart your computer and post the contents of the AVG Anti-Spyware text report that you saved and a fresh HijackThislog. However, for HijackThis, please follow the instructions below.

Download 'Hijack This!' 2.0.0.0. http://www.trendsecure.com/portal/en-US/th...JackThis_v2.exe

Save it in a convenient permanent folder such as C:\HJT\, double click HijackThis.exe, and hit "Do a system scan and save a logfile".

When the Notepad window opens, do Ctrl-A to Select All, and copy its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet.

Link to post
Share on other sites

Hi its me again I did all the steps you suggested and here are the results

AVG Anti-Spyware - Scan Report

---------------------------------------------------------

+ Created at: 5:13:12 PM 24/04/2007

+ Scan result:

C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.a : Ignored.

C:\Documents and Settings\Pulak\Cookies\pulak@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.

:mozilla.277:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.278:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.279:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.70:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.71:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\13 12 E t T\Cookies\13 12 e t t@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@bookspan.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@dillards.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ge.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@geosign.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@multiply.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@sento.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@shopping.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@skyauction.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned.

:mozilla.31:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Adobe : Cleaned.

:mozilla.108:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.109:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.78:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.79:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.85:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.141:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.

:mozilla.145:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.

:mozilla.21:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.

:mozilla.22:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.

:mozilla.100:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.101:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.105:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.106:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.107:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.82:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.84:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.87:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.88:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.89:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.90:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.91:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.92:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.93:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.94:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.95:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.96:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.97:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.98:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.99:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.65:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.

:mozilla.65:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.

C:\Documents and Settings\13 12 E t T\Cookies\13 12 e t t@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.

:mozilla.111:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ads.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.

:mozilla.23:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.

C:\Documents and Settings\13 12 E t T\Cookies\13 12 e t t@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.

C:\Documents and Settings\Guest\Cookies\guest@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.

:mozilla.62:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.

C:\Documents and Settings\13 12 E t T\Cookies\13 12 e t t@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.

:mozilla.244:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.291:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.293:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.49:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.50:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.51:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.52:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.53:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.

:mozilla.77:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Cleaned.

:mozilla.16:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.20:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@e-2dj6wjmiagcjolo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.

:mozilla.294:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.295:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.296:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.297:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.298:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.238:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.

:mozilla.35:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.

:mozilla.36:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.

:mozilla.175:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned.

:mozilla.176:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Gator : Cleaned.

:mozilla.177:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Gator : Cleaned.

:mozilla.178:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Gator : Cleaned.

:mozilla.24:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Gator : Cleaned.

:mozilla.25:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Gator : Cleaned.

:mozilla.26:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Gator : Cleaned.

:mozilla.124:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.286:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.287:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.30:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.16:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.17:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.18:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.19:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.254:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.274:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ehg-bluegreencorp.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ehg-cruiseshipcenters.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ehg-ctv.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ehg-gameshownet.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ehg-mybc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ehg-yellowpages.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@counter.hitslink[1].txt -> TrackingCookie.Hitslink : Cleaned.

:mozilla.63:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.

:mozilla.64:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.

:mozilla.22:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.

:mozilla.23:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@search.live[1].txt -> TrackingCookie.Live : Cleaned.

:mozilla.168:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.

:mozilla.266:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.

:mozilla.267:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.

:mozilla.268:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.

C:\Documents and Settings\13 12 E t T\Cookies\13 12 e t t@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@server.lon.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.

:mozilla.159:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Lop : Cleaned.

:mozilla.197:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Lop : Cleaned.

:mozilla.14:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.

:mozilla.40:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.

:mozilla.149:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.

:mozilla.150:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.

C:\Documents and Settings\Guest\Cookies\guest@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.

:mozilla.179:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.180:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.230:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@overture[1].txt -> TrackingCookie.Overture : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.

:mozilla.281:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.282:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.283:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.290:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.54:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.55:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.56:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.57:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.239:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.

:mozilla.240:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@pro-market[2].txt -> TrackingCookie.Pro-market : Cleaned.

:mozilla.163:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.

:mozilla.164:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.

:mozilla.34:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.103:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.

:mozilla.104:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.

:mozilla.19:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.

:mozilla.226:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.

:mozilla.192:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.193:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.194:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.195:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.172:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.173:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned.

:mozilla.213:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.

:mozilla.214:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.

:mozilla.215:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.

:mozilla.216:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.

:mozilla.29:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.

:mozilla.30:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.

:mozilla.31:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.

:mozilla.32:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@trafic[1].txt -> TrackingCookie.Trafic : Cleaned.

:mozilla.196:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.

:mozilla.80:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.

:mozilla.86:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.

:mozilla.34:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.

:mozilla.35:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.

:mozilla.33:C:\Documents and Settings\13 12 E t T\Application Data\Mozilla\Firefox\Profiles\ts1pzue6.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.

C:\Documents and Settings\13 12 E t T\Cookies\13 12 e t t@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.74:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

:mozilla.75:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

:mozilla.76:C:\Documents and Settings\Pulak\Application Data\Mozilla\Firefox\Profiles\n1a8srpx.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

C:\Documents and Settings\Deanna's Account\Cookies\deanna's account@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@c3.zedo[1].txt -> TrackingCookie.Zedo : Cleaned.

C:\Documents and Settings\Pulak\Cookies\pulak@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.

::Report end

Thanks

Joe

Link to post
Share on other sites

here is the hijack this log

Joe

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 5:28:00 PM, on 24/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\System32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\brss01a.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\SYSTEM32\Brmfrmps.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\wanmpsvc.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\DSentry.exe

C:\Program Files\Dell\Media Experience\PCMService.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Scansoft\PaperPort\pptd40nt.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\DOCUME~1\Pulak\LOCALS~1\Temp\Temporary Directory 1 for HiJackThis_v2.zip\HiJackThis_v2.exe

C:\DOCUME~1\Pulak\LOCALS~1\Temp\Temporary Directory 2 for HiJackThis_v2.zip\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: (no name) - {293FEEA7-B478-5F23-F8C1-A2327C5CFF24} - C:\DOCUME~1\1312ET~1\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: (no name) - {72FC1B01-29A6-5B7B-AEF8-B9D4B88967E8} - C:\DOCUME~1\Pulak\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: (no name) - {C595C8ED-0950-9D59-3911-B207453FDC12} - C:\DOCUME~1\Pulak\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O3 - Toolbar: FunBar - {2CA511C5-C677-4e33-A018-EADF07E08299} - C:\PROGRA~1\FUNBAR~1.01\funbar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"

O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [five mail rdr link] C:\Documents and Settings\All Users\Application Data\Chic intra five mail\PART HOLD.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [MSKAGENTEXE] c:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: AOL 8.0 Tray Icon.lnk = C:\Program Files\AOL 8.0\aoltray.exe

O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: SmartUI.lnk = ?

O4 - Global Startup: TELUS eCare.lnk = C:\Program Files\TELUS eCare\bin\matcli.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://gsn.worldwinner.com/games/v46/share...GamesLoader.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab

O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\SYSTEM32\Brmfrmps.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--

End of file - 14224 bytes

Link to post
Share on other sites

  • Root Admin

Good job Joe. First, please move HijackThis into its own directory. Do not run it from a zipfile. Then open HijackThis from its new directory and place a checkmark next to the following items.

O2 - BHO: (no name) - {293FEEA7-B478-5F23-F8C1-A2327C5CFF24} - C:\DOCUME~1\1312ET~1\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O2 - BHO: (no name) - {72FC1B01-29A6-5B7B-AEF8-B9D4B88967E8} - C:\DOCUME~1\Pulak\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {C595C8ED-0950-9D59-3911-B207453FDC12} - C:\DOCUME~1\Pulak\APPLIC~1\FRAGJU~1\Time bias.exe (file missing)

O3 - Toolbar: FunBar - {2CA511C5-C677-4e33-A018-EADF07E08299} - C:\PROGRA~1\FUNBAR~1.01\funbar.dll

Also place a checkmark next to the following items (after you read the descriptions).

O4 - HKLM\..\Run: [five mail rdr link] C:\Documents and Settings\All Users\Application Data\Chic intra five mail\PART HOLD.exe <----- Do you have any idea what this is?

If you did not set these restrictions, place a checkmark next to these

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

Finally, select Fix Checked. Restart your computer and post a new log. How is the computer running now?

Link to post
Share on other sites

Thanks alot the funbar message no longer comes up. Here is the new log.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 7:15:00 PM, on 24/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\System32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\brss01a.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINDOWS\SYSTEM32\Brmfrmps.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\wanmpsvc.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\DSentry.exe

C:\Program Files\Dell\Media Experience\PCMService.exe

C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Scansoft\PaperPort\pptd40nt.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Creative\Shared Files\CamTray.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Corel\Graphics8\Programs\MFIndexer.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe

C:\Program Files\TELUS eCare\bin\mpbtn.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE

C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

C:\Documents and Settings\Pulak\Desktop\HiJackThis_v2.exe

C:\WINDOWS\system32\HPZinw12.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"

O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [MSKAGENTEXE] c:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: AOL 8.0 Tray Icon.lnk = C:\Program Files\AOL 8.0\aoltray.exe

O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: SmartUI.lnk = ?

O4 - Global Startup: TELUS eCare.lnk = C:\Program Files\TELUS eCare\bin\matcli.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://gsn.worldwinner.com/games/v46/share...GamesLoader.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab

O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\SYSTEM32\Brmfrmps.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--

End of file - 13694 bytes

Now I know there is a lot of stuff on here that I don't need. Is there any where I can go to understand what all these lines mean without bothering you?

Thanks again

Joe

Link to post
Share on other sites

Hi,

O4 - HKLM\..\Run: [five mail rdr link] C:\Documents and Settings\All Users\Application Data\Chic intra five mail\PART HOLD.exe <----- Do you have any idea what this is?

lop infection

http://research.sunbelt-software.com/threa...p;threatid=8144

http://sarc.com/avcenter/venc/data/adware.lop.html

http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=59266

http://vil.nai.com/vil/content/v_120626.htm

Bye,

Link to post
Share on other sites

  • Root Admin

Thanks Nick, Joe, please delete the following folders.

C:\Program Files\FunBar 1.01

C:\Documents and Settings\All Users\Application Data\Chic intra five mail

Next, please download StartUpLite from http://www.malwarebytes.org/startuplite.php. Download and run the application. It will tell you which items are unnecessary to startup. You can choose which items to disable and which items not to.

After that, restart your computer. Please tell me how your computer is running now.

Link to post
Share on other sites

OK I downladed the program and there are no messages popping up. The computer is working fine but don't notice any marked improvement on start up. But that's OK Thanks alot for your help and I will be in touch to help me with my work computer(Kids old computer extremely slow)

Joe

Link to post
Share on other sites

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.