DaniWeb IT Discussion Community - Need Help With Drop Spam

DaniWeb IT Discussion Community (http://www.daniweb.com/forums/index.php)

- Viruses, Spyware and other Nasties (http://www.daniweb.com/forums/forum64.html)

- - Need Help With Drop Spam (http://www.daniweb.com/forums/thread49194.html)

Need Help With Drop Spam

I think I have tons of spyware/adware on my PC. Can someone help me get rid of this?

Re: Need Help With Drop Spam

Download HijackThis (current verison is v1.99.1)

or here (Alternate 1, a self-extracting zip file)
or here (Alternate 2, an *.exe file)

Make a new folder to put your HijackThis.exe into.

(Anywhere on your hard drive is fine other than your Desktop or the Temp folder. Suitable examples are:

C:HijackThis
C:Programshijackthis
C:WindowsMy DocumentsHJT

but feel free to use any name.)

Extract and save the HijackThis download to the new folder you made. Then navigate to it and run HijackThis from there. (This is to ensure it makes the necessary backups for recovery if fixes are made) Then, doubleclick HijackThis.exe, and click Scan.

When the scan is finished, the "Scan" button will change into a "Save Log" button. Press that and copy & paste its contents in your reply. Most of what it lists will be harmless or even essential, don't try to fix anything yourself.

Thanks.

Re: Need Help With Drop Spam

Thanks. Here's my log:

Logfile of HijackThis v1.99.1
Scan saved at 2:21:51 PM, on 7/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\1103629124\ee\services\sscFirewallPlugin\ver1_10_3_1\aolavupd.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpoopm07.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\AOL\1103629124\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\DropSpam\oesrv.exe
C:\Program Files\dslifestyle\dslifestyle.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcinsupd.exe
C:\WINDOWS\TEMP\mca1603.tmp\avdat.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcinsupd.exe
C:\WINDOWS\TEMP\mca1607.tmp\avdat.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcinsupd.exe
C:\WINDOWS\TEMP\mca160B.tmp\avdat.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcinsupd.exe
C:\WINDOWS\TEMP\mca160F.tmp\avdat.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcinsupd.exe
C:\WINDOWS\TEMP\mca1615.tmp\avdat.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcinsupd.exe
C:\WINDOWS\TEMP\mca1619.tmp\avdat.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcinsupd.exe
C:\WINDOWS\TEMP\mca161D.tmp\avdat.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\OasClnt.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://sidesearch.dropspam.com/sidesearch.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://sidesearch.dropspam.com/sidesearch.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=w...yFTv8Row33lCQ=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - - (no file)
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_1/home.html"); (C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\default\akv6je7a.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\default\akv6je7a.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Drop Spam Toolbar - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - C:\Program Files\DropSpam\ewwie.dll
O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Drop Spam Toolbar - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - C:\Program Files\DropSpam\ewwie.dll
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HPAIO_PrintFolderMgr] C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpoopm07.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1103629124\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1103629124\ee\services\sscFirewallPlugin\ver1_10_3_1\SSCRun.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1103629124\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [oe_drop_spam] C:\Program Files\DropSpam\oesrv.exe
O4 - HKLM\..\Run: [DropSpam Lifestyle] "C:\Program Files\dslifestyle\dslifestyle.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\Program Files\DropSpam\ewwie.dll
O9 - Extra 'Tools' menuitem: Looksitup Toolbar - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\Program Files\DropSpam\ewwie.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pps: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O12 - Plugin for .xml: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {01CA75F1-054B-4A63-9221-C6926369EC52} (HS_live Control) - http://install.homestead.com/~site/InstallFiles/SIFiles/lpxlive/HS_live.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/bingame/pacz/default/pandaonline.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.pw.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,77/mcinsctl.cab
O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} (LightSurfUploadCtl Class) - http://pictures.sprintpcs.com/activex/LightSurfUploadControl.cab
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (Hewlett-Packard Printer Diagnostics) - http://h20278.www2.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134744444778
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.pw.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,18/mcgdmgr.cab
O16 - DPF: {BDF9A7C7-F4DC-455D-B5C2-045D74788295} (AOLRegistrationWizard Control) - https://free.aol.com/tryaolfree/wr6_pcbackup/AOLRegistrationWizard.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/bingame/hsol/default/SCEWebLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1103629124\ee\services\sscFirewallPlugin\ver1_10_3_1\aolavupd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Symantec Proxy Service (ccPxySvc) - Unknown owner - C:\Program Files\Norton Internet Security\ccPxySvc.exe (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Unknown owner - C:\Program Files\Norton Internet Security\NISUM.EXE (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Re: Need Help With Drop Spam

If anyone can help me with this I would really appreciate it!

Re: Need Help With Drop Spam

Hi, I am sorry I missed you.

Please run HJT again, and check these items.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://sidesearch.dropspam.com/sidesearch.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://sidesearch.dropspam.com/sidesearch.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=w...yFTv8Row33lCQ=

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: Drop Spam Toolbar - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - C:\Program Files\DropSpam\ewwie.dll

O3 - Toolbar: Drop Spam Toolbar - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - C:\Program Files\DropSpam\ewwie.dll

O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background

O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot

O4 - HKLM\..\Run: [oe_drop_spam] C:\Program Files\DropSpam\oesrv.exe

O4 - HKLM\..\Run: [DropSpam Lifestyle] "C:\Program Files\dslifestyle\dslifestyle.exe"

O9 - Extra button: (no name) - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\Program Files\DropSpam\ewwie.dll

O9 - Extra 'Tools' menuitem: Looksitup Toolbar - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\Program Files\DropSpam\ewwie.dll

O16 - DPF: {01CA75F1-054B-4A63-9221-C6926369EC52} (HS_live Control) - http://install.homestead.com/~site/I...ve/HS_live.cab

Click Fix Checked.
_______________________________________________________

Please go to Start>Control Panel>Add\Remove Programs and uninstall ([If found).

dslifestyle
DropSpam

Then boot into safe mode and delte these folders

C:\Program Files\DropSpam\

C:\Program Files\dslifestyle\

C:\WINDOWS\TEMP

Empty Recycle Bin

If you get an access denied error please boot into safe mode to delete the folders

________________________________________________________

Please download and install ewido anti-spyware tool

Close all other Applications Select language click Ok
Click I Agree
Click next
Click Install
Click Finish
Wait Ewido will open main screen automatically.
Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
This in very important to get updates
When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

Next, please reboot your computer in Safe Mode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear use arrow up to highlight
Select the first option, to run Windows in Safe Mode hit enter.
For additional help in booting into Safe Mode, see the following site: HERE

You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

Open Ewido
Click on scanner top of Ewido sceen
Click on Settings
Under How to Act click on Recommended Action choose Quarantine
Under How to scan all boxes should be selected
Under Possibly unwanted software all boxes should be selected
On right side under Reports: click on Automatically generate report after every scan.
Under What to scan select scan every file
Click On scan Tab
Click on Complete system scan
Let the program scan the machine It can take awhile give it time.
When scan has finished At bottom of screen click Apply all Actions
Click Save report
Click Save Report as (Save as window's screen should pop up.)
Click desktop
Click Save
Exit ewido

Reboot back to normal mode

___________________________________________________________
Post a new HJT log, and the ewido log

Re: Need Help With Drop Spam

Ok here's my ewido and hjt logs:

ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:01:18 PM 7/7/2006

+ Scan result:

HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA0D26BD-9029-431A-86E0-83152D67828A} -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{BFB065A2-4F3C-61BB-4A5B-FA6D452D3EAC} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{008602DA-BF96-4343-F9AA-6322853BD842} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15F6DF51-80DA-2FBF-3DB3-4BC956825654} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BFD4FF9-22B6-A8BC-8348-E8EF313969E1} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{824CB85E-8849-F5FF-50D8-97E69A69E394} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D04FEDA4-D7C0-3150-02FF-AD27F54D4CA1} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} -> Adware.Generic : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindIt.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindItHot.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\Highlight.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\HighlightHot.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\celebrity_news.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\celebrity_search.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\findithotxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\finditxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\gossip.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlighthotxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlightxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logo.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logoxp.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\contexts -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\contexts\error.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\contexts\related.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\contexts\travel.xml -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA356D79-679B-4B4C-8E49-5AF97014F4C1} -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-1482476501-1078145449-1957994488-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D49E9D35-254C-4C6A-9D17-95018D228FF5} -> Adware.Starware : Cleaned with backup (quarantined).
C:\Program Files\whInstall -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\Sporder.dll -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\license.txt -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\readme.txt -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\webhdll.dll -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\whAgent.exe -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\whAgent.ini -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\whInstaller.exe -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\whSurvey.exe -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\whiehlpr.dll -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\WINDOWS\wh.exe/whAgent.exe -> Adware.WebHancer : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Ignored.
C:\Documents and Settings\Guest\Cookies\guest@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.19:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.20:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@efashionsolutions.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@wrigley.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.378:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.385:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.387:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.388:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.389:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.392:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.394:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.395:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.556:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@lovefreegames.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@dssatlascreditgroup.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@paidmarketingpanel.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@prizeamerica.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@abcsearch[1].txt -> TrackingCookie.Abcsearch : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@imgserv.adbutler[1].txt -> TrackingCookie.Adbutler : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ad.adition[2].txt -> TrackingCookie.Adition : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@thunderbolt.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.30:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.31:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.32:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.36:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.11:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.12:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.14:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.34:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.35:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.26:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@text.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.414:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.415:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@clickbank[2].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@news.com[2].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.15:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.17:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ad.doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ad.doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.12:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.6:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.7:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.8:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.9:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@phg.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-adidas.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-cafepress.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-cdma.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-communityconnect.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-davidsbridal.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-findlaw.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-foxmovies.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-ifilm.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-ignitemedia.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-imedia.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-inforspaceinc.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-ittoolbox.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-knightridder.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-lls.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-paloaltosoftwareinc.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-playboy.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-providianbankcorpservices.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-randomhouse.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-rodale.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-saffronrouge.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-shoes.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-silverpop.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-sonycomputer.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-streamload.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-stubhub.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-thescooterstore.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-tigerdirect2.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-traderpublishing.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-vmware.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-webex.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-wildoats.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ehg-wss.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@w104.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.346:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Kmpads : Cleaned.
:mozilla.347:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Kmpads : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@kmpads[1].txt -> TrackingCookie.Kmpads : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@komtrack[1].txt -> TrackingCookie.Komtrack : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@komtrack[2].txt -> TrackingCookie.Komtrack : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.38:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.39:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.42:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@stats3.porntrack[1].txt -> TrackingCookie.Porntrack : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned.
:mozilla.31:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ads1.revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.16:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.17:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.18:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\Default User\i4nn59ur.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.40:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.41:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@h.starware[1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@try.starware[1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@www.starware[1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.18:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.19:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.20:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.21:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.22:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.23:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.24:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@trafic[1].txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.26:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.28:C:\Documents and Settings\laaiqa\Application Data\Mozilla\Firefox\Profiles\yt9fzgmj.ProfileName\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@reduxads.valuead[1].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@vdn.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@ads.scot.valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@scot.valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@server3.web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@webstat[2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@www.web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@free.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@programs.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@ads.x10[1].txt -> TrackingCookie.X10 : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\laaiqa\Cookies\laaiqa@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\laaiqa\Local Settings\Temp\Cookies\laaiqa@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.23:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.24:C:\Documents and Settings\ADMIN\Application Data\Netscape\NSB\Profiles\de93af0a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\ADMIN\Cookies\admin@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Guest\Cookies\guest@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\annie\Cookies\annie@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\aad.exe -> Trojan.Imiserv.c : Cleaned with backup (quarantined).
C:\WINDOWS\invupdate.exe -> Trojan.Imiserv.c : Cleaned with backup (quarantined).

::Report end

Hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 11:05:04 PM, on 7/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\1103629124\ee\services\sscFirewallPlugin\ver1_10_3_1\aolavupd.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpoopm07.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Common Files\AOL\1103629124\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_1/home.html"); (C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\default\akv6je7a.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\laaiqa\Application Data\Mozilla\Profiles\default\akv6je7a.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HPAIO_PrintFolderMgr] C:\WINDOWS\System32\spool\DRIVERS\W32X86\hpoopm07.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1103629124\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1103629124\ee\services\sscFirewallPlugin\ver1_10_3_1\SSCRun.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1103629124\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pps: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O12 - Plugin for .xml: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/bingame/pacz/default/pandaonline.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.pw.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,77/mcinsctl.cab
O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} (LightSurfUploadCtl Class) - http://pictures.sprintpcs.com/activex/LightSurfUploadControl.cab
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (Hewlett-Packard Printer Diagnostics) - http://h20278.www2.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134744444778
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.pw.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,18/mcgdmgr.cab
O16 - DPF: {BDF9A7C7-F4DC-455D-B5C2-045D74788295} (AOLRegistrationWizard Control) - https://free.aol.com/tryaolfree/wr6_pcbackup/AOLRegistrationWizard.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/bingame/hsol/default/SCEWebLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1103629124\ee\services\sscFirewallPlugin\ver1_10_3_1\aolavupd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Symantec Proxy Service (ccPxySvc) - Unknown owner - C:\Program Files\Norton Internet Security\ccPxySvc.exe (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Unknown owner - C:\Program Files\Norton Internet Security\NISUM.EXE (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Re: Need Help With Drop Spam

Logfile of HijackThis v1.99.1
Scan saved at 10:35:17 PM, on 9/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\dslifestyle\dslifestyle.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Brian\My Documents\Docs!\HJT\hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://sidesearch.dropspam.com/sidesearch.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Drop Spam Toolbar - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - C:\Program Files\DropSpam\ewwie.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [DropSpam Lifestyle] "C:\Program Files\dslifestyle\dslifestyle.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_8 -reboot 1
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\Program Files\DropSpam\ewwie.dll
O9 - Extra 'Tools' menuitem: Looksitup Toolbar - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\Program Files\DropSpam\ewwie.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1153265193218
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Re: Need Help With Drop Spam

Quote:

Originally Posted by ChiQuitaPeKita (Post 230301)

I think I have tons of spyware/adware on my PC. Can someone help me get rid of this?

Logfile of HijackThis v1.99.1
Scan saved at 11:29:05 PM, on 9/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DIGStream\PlayhouseDisneyDownloadManager.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Napster\napster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Wal-Mart Music Downloads Store\SWEBDLMgrSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Richard Palmer\Local Settings\Temporary Internet Files\Content.IE5\8L6BO9EJ\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://sidesearch.dropspam.com/sidesearch.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Drop Spam Toolbar - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - C:\Program Files\DropSpam\ewwie.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Drop Spam Toolbar - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - C:\Program Files\DropSpam\ewwie.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [DLBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PlayhouseDisneyDownloadManager] C:\Program Files\DIGStream\PlayhouseDisneyDownloadManager.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uomu] C:\Program Files\Common Files\uomu\uomum.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\Program Files\DropSpam\ewwie.dll
O9 - Extra 'Tools' menuitem: Looksitup Toolbar - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\Program Files\DropSpam\ewwie.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab46479.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10...y.cab32846.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab32846.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1159309412078
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Maid Control) - http://vsp.closetmaid.com/vsp/cmaidc...downloader.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploa...loadClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10...y.cab41227.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe