
MBAM Logs Now, Rest To Follow Soon


Xypheri


Hello!

I have here probably one of the most infected computers I've worked on in recent memory. It's been a challenge, but I think I'm almost there. I had a piece of malware that would prevent anti-malware programs from operating. I stopped the service responsible for that, and was able to use Spybot and MBAM without issue, but I know this computer is still pretty infected and I'm having a difficult time cleaning it.

Here are my MBAM results, and Panda is running now. Then I'll post the HJT log.

I thank you for your help in advance.

Malwarebytes' Anti-Malware 1.31
Database version: 1488
Windows 5.1.2600 Service Pack 2

12/11/2008 1:13:23 AM
mbam-log-2008-12-11 (01-13-22).txt

Scan type: Quick Scan
Objects scanned: 65379
Time elapsed: 7 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Gamma Display (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Clint and Karen\Start Menu\Programs\Startup\Rapid Antivirus.lnk (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.

Here is the HiJack This log:


Panda Active Scan Log

