 |  |  |  |  |  |  |  |
aurora and drpmon.dll problem
 |
For some reason I picked it up and dont know where. Tried to remove it using Adaware and its still there and when I tried deleting the drpmon.dll file it wont let me. SO I ran hijackthis and here is my log
Logfile of HijackThis v1.99.1
Scan saved at 11:53:09 AM, on 6/19/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\windows\system32\htjmkdh.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Games toolbar - {02ffc86e-283e-4faa-95d6-addca024f30a} - C:\Program Files\Games\tbGame.dll (file missing)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [ztkedjw] c:\windows\system32\htjmkdh.exe r
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Winzip Archiver] Winzip32.exe
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {C9B8ABB6-1CC3-4957-9CA3-053036B2EE3A} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
What do I do now?
Logfile of HijackThis v1.99.1
Scan saved at 11:53:09 AM, on 6/19/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\windows\system32\htjmkdh.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Games toolbar - {02ffc86e-283e-4faa-95d6-addca024f30a} - C:\Program Files\Games\tbGame.dll (file missing)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [ztkedjw] c:\windows\system32\htjmkdh.exe r
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Winzip Archiver] Winzip32.exe
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {C9B8ABB6-1CC3-4957-9CA3-053036B2EE3A} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
What do I do now?
ok and now I have werid things going on...
the way my computer is set up is I have an 80 gig hard drive with a slaved 20 gig hard drive....the 20 gig harddrive is where i have all mygames installed at that I play online.....for some reason I cant open any games because a file is missing and when I open theat hard drive this is what it looks like http://us.share.geocities.com/tamed_kaos/desktop.bmp
for 1. there is more files there than should be....and for 2 those are deffinately not the names I titled them lol.....what is going on and how do I fix it?
the way my computer is set up is I have an 80 gig hard drive with a slaved 20 gig hard drive....the 20 gig harddrive is where i have all mygames installed at that I play online.....for some reason I cant open any games because a file is missing and when I open theat hard drive this is what it looks like http://us.share.geocities.com/tamed_kaos/desktop.bmp
for 1. there is more files there than should be....and for 2 those are deffinately not the names I titled them lol.....what is going on and how do I fix it?
Hi SediAK, welcome to DaniWeb 
Go to Add/Remove Programs in your Control Panel and remove (if present):
MyWay (or MySearch, MyBar, or anything similar)
Download Ewido Security Suite from here:
http://fileforum.betanews.com/detail...e/1098736486/1
Install it, and while installing, under Additional Options, uncheck Install background guard and Install scan via context menu.
From the main Ewido screen, click on Update in the left menu, and then click the Start update button. After the update finishes (the status bar at the bottom will display Update successful), close the program (don't scan yet).
Download Nailfix from here:
http://users.pandora.be/bluepatchy/nailfix.zip
Unzip it to your desktop, but do not run it yet.
Reboot into Safe Mode.
Double-click on the Nailfix.bat that is on your desktop. Your desktop and icons will disappear and reappear, and a window should open and close very quickly -- this is normal.
Then run a full system scan with Ewido (note: you will be posting the log from this scan when back in normal mode).
Reboot normally.
Scan with hijackthis and have it fix the following entries:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: Games toolbar - {02ffc86e-283e-4faa-95d6-addca024f30a} - C:\Program Files\Games\tbGame.dll (file missing)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [ztkedjw] c:\windows\system32\htjmkdh.exe r
O9 - Extra button: (no name) - {C9B8ABB6-1CC3-4957-9CA3-053036B2EE3A} - (no file)
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
These entries are suspicious; check with your ISP and ask if they should be there:
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
Be sure to close any open windows, other then hijackthis, before hitting Fix checked.
Go to the following locations and delete the highlighted files and folders (if present):
C:\WINDOWS\Nail.exe
C:\WINDOWS\svcproc.exe
C:\windows\system32\htjmkdh.exe
C:\Program Files\Games\tbGame.dll
C:\Program Files\MyWay
Empty your Recycle Bin and reboot.
Close any open browser windows, scan with hijackthis, and post a new log along with the Ewido log.
Go to Add/Remove Programs in your Control Panel and remove (if present):
MyWay (or MySearch, MyBar, or anything similar)
Download Ewido Security Suite from here:
http://fileforum.betanews.com/detail...e/1098736486/1
Install it, and while installing, under Additional Options, uncheck Install background guard and Install scan via context menu.
From the main Ewido screen, click on Update in the left menu, and then click the Start update button. After the update finishes (the status bar at the bottom will display Update successful), close the program (don't scan yet).
Download Nailfix from here:
http://users.pandora.be/bluepatchy/nailfix.zip
Unzip it to your desktop, but do not run it yet.
Reboot into Safe Mode.
Double-click on the Nailfix.bat that is on your desktop. Your desktop and icons will disappear and reappear, and a window should open and close very quickly -- this is normal.
Then run a full system scan with Ewido (note: you will be posting the log from this scan when back in normal mode).
Reboot normally.
Scan with hijackthis and have it fix the following entries:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: Games toolbar - {02ffc86e-283e-4faa-95d6-addca024f30a} - C:\Program Files\Games\tbGame.dll (file missing)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [ztkedjw] c:\windows\system32\htjmkdh.exe r
O9 - Extra button: (no name) - {C9B8ABB6-1CC3-4957-9CA3-053036B2EE3A} - (no file)
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
These entries are suspicious; check with your ISP and ask if they should be there:
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
Be sure to close any open windows, other then hijackthis, before hitting Fix checked.
Go to the following locations and delete the highlighted files and folders (if present):
C:\WINDOWS\Nail.exe
C:\WINDOWS\svcproc.exe
C:\windows\system32\htjmkdh.exe
C:\Program Files\Games\tbGame.dll
C:\Program Files\MyWay
Empty your Recycle Bin and reboot.
Close any open browser windows, scan with hijackthis, and post a new log along with the Ewido log.
Links to help you help yourself :
Protect Your PC & Avoid Infections -- http://www.daniweb.com/techtalkforums/thread27519.html
Cleanup Procedures & Tools -- http://www.daniweb.com/techtalkforums/thread27570.html
Infection Removal & HijackThis Use -- http://www.daniweb.com/techtalkforums/thread28196.html
Protect Your PC & Avoid Infections -- http://www.daniweb.com/techtalkforums/thread27519.html
Cleanup Procedures & Tools -- http://www.daniweb.com/techtalkforums/thread27570.html
Infection Removal & HijackThis Use -- http://www.daniweb.com/techtalkforums/thread28196.html
Logfile of HijackThis v1.99.1
Scan saved at 4:08:22 PM, on 6/20/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
c:\windows\system32\cstqpn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll (file missing)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iotfss] c:\windows\system32\cstqpn.exe r
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
EWIDO Log
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 3:53:40 PM, 6/20/2005
+ Report-Checksum: 9931B0D6
+ Scan result:
HKLM\SOFTWARE\Classes\IMIToolbar.BottomFrame -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.BottomFrame\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.BottomFrame\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.LeftFrame -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.LeftFrame\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.LeftFrame\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupBrowser -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupBrowser\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupBrowser\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupWindow -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupWindow\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupWindow\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\Wbho.Band -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\Wbho.Band\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\Wbho.Band\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\eUniverse -> Spyware.KeenValue
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PUK -> Spyware.CometCursor
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RelevantKnowledge -> Spyware.BroadCastPC
HKU\S-1-5-21-1844237615-839522115-682003330-1004\Software\intexp -> Spyware.IEPlugin
HKU\S-1-5-21-1844237615-839522115-682003330-1004\Software\intexp\Config -> Spyware.IEPlugin
HKU\S-1-5-21-1844237615-839522115-682003330-1004\Software\intexp\MyFileSystem2 -> Spyware.IEPlugin
:mozilla.10:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adjuggler
:mozilla.11:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Atdmt
:mozilla.22:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.23:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.24:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.25:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.30:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Mediaplex
:mozilla.32:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Netshelter
:mozilla.33:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Netshelter
:mozilla.34:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adtech
:mozilla.35:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adtech
:mozilla.40:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Questionmarket
:mozilla.48:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Doubleclick
:mozilla.49:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.50:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.51:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.52:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.53:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.54:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.55:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adserver
:mozilla.56:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Fastclick
:mozilla.57:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Fastclick
:mozilla.58:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Fastclick
:mozilla.59:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adserver
:mozilla.60:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adserver
:mozilla.61:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adserver
:mozilla.62:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Partner2profit
:mozilla.73:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.74:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.77:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.84:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.100:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Overture
:mozilla.101:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram
:mozilla.102:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram
:mozilla.123:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Timeinc
:mozilla.128:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tribalfusion
:mozilla.129:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tribalfusion
:mozilla.130:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tribalfusion
:mozilla.131:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tribalfusion
:mozilla.132:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Googleadservices
:mozilla.133:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Com
:mozilla.134:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Com
:mozilla.136:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Wwwdownload
:mozilla.137:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webshots
:mozilla.150:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Miniclip
:mozilla.151:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Miniclip
:mozilla.152:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.153:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.154:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.155:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.156:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.157:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.158:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.159:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.160:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.161:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.162:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.163:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.164:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.165:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.166:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.167:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.168:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.169:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.170:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.171:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.172:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.173:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.174:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.175:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.176:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.177:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.178:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.179:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.180:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.181:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.182:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.183:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.184:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.185:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.186:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.187:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.188:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.189:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.190:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.191:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.192:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.199:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.200:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.201:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.217:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Targetgraph
:mozilla.218:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Targetgraph
:mozilla.219:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Targetgraph
:mozilla.221:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.2o7
:mozilla.225:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Abum
:mozilla.226:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Abum
:mozilla.227:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adknowledge
:mozilla.228:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.229:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.230:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.231:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.232:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.240:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adlegend
:mozilla.241:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.243:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.244:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.249:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Belnk
:mozilla.253:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Intellisrv
:mozilla.254:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Intellisrv
:mozilla.255:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Intellisrv
:mozilla.256:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Intellisrv
:mozilla.260:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Humanclick
:mozilla.261:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Humanclick
:mozilla.262:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Humanclick
:mozilla.263:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.264:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.265:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.266:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.267:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webtrendslive
:mozilla.268:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webtrendslive
:mozilla.269:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitslink
:mozilla.270:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitslink
:mozilla.271:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitslink
:mozilla.272:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitslink
:mozilla.288:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Imrworldwide
:mozilla.290:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Imrworldwide
:mozilla.304:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Coremetrics
:mozilla.327:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webstat
:mozilla.328:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webstat
:mozilla.332:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Bravenet
:mozilla.333:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Bravenet
:mozilla.349:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Maxserving
:mozilla.351:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.353:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.354:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.355:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.356:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.357:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Valueclick
:mozilla.358:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Realtechnetwork
:mozilla.359:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Valueclick
:mozilla.360:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Realmedia
:mozilla.361:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Realmedia
:mozilla.362:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Realmedia
:mozilla.363:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tmcs
:mozilla.379:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.385:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Centrport
:mozilla.386:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Ru4
:mozilla.387:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Ru4
:mozilla.390:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Element5
:mozilla.391:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Wwwdownload
C:\Documents and Settings\Bryan\Cookies\bryan@888[1].txt -> Spyware.Cookie.888.com
C:\Documents and Settings\Bryan\Cookies\bryan@abetterinternet[2].txt -> Spyware.Cookie.Abetterinternet
C:\Documents and Settings\Bryan\Cookies\bryan@aimtoday.aol[1].txt -> Spyware.Cookie.Aol
C:\Documents and Settings\Bryan\Cookies\bryan@btg.btgrab[1].txt -> Spyware.Cookie.Btgrab
C:\Documents and Settings\Bryan\Cookies\bryan@cliks[1].txt -> Spyware.Cookie.Cliks
C:\Documents and Settings\Bryan\Cookies\bryan@doubleclick[1].txt -> Spyware.Cookie.Doubleclick
C:\Documents and Settings\Bryan\Cookies\bryan@emarketmakers[1].txt -> Spyware.Cookie.Emarketmakers
C:\Documents and Settings\Bryan\Cookies\bryan@linksynergy[2].txt -> Spyware.Cookie.Linksynergy
C:\Documents and Settings\Bryan\Cookies\bryan@myway[2].txt -> Spyware.Cookie.Myway
C:\Documents and Settings\Bryan\Cookies\bryan@netflix[2].txt -> Spyware.Cookie.Netflix
C:\Documents and Settings\Bryan\Cookies\bryan@offeroptimizer[1].txt -> Spyware.Cookie.Offeroptimizer
C:\Documents and Settings\Bryan\Cookies\bryan@www.azoogleads[2].txt -> Spyware.Cookie.Azoogleads
C:\Documents and Settings\Bryan\Cookies\bryan@www.everyfreegift[2].txt -> Spyware.Cookie.Everyfreegift
:mozilla.9:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Atdmt
:mozilla.26:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.27:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.28:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.29:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.30:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.31:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.32:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.33:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.34:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.35:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.36:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.37:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.38:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.39:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.40:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Doubleclick
:mozilla.57:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Questionmarket
:mozilla.58:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Mediaplex
:mozilla.59:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Valueclick
:mozilla.60:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Valueclick
:mozilla.64:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bluestreak
:mozilla.66:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Centrport
:mozilla.67:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Centrport
:mozilla.75:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.76:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.77:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.78:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.79:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.80:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.82:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.83:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.84:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.85:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.86:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.87:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.88:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.89:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.90:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.91:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.92:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.93:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.94:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.95:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.96:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.97:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.99:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.100:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.101:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.102:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.103:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.107:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Imrworldwide
:mozilla.108:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Webtrendslive
:mozilla.109:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Imrworldwide
:mozilla.111:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Coremetrics
:mozilla.117:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Apmebf
:mozilla.118:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Qksrv
:mozilla.119:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Qksrv
:mozilla.120:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Apmebf
:mozilla.121:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Addfreestats
:mozilla.122:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bfast
:mozilla.124:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.125:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Overture
:mozilla.126:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Overture
:mozilla.127:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bizrate
:mozilla.128:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.129:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.130:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bizrate
:mozilla.135:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bizrate
:mozilla.136:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bizrate
:mozilla.145:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.2o7
:mozilla.146:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.2o7
:mozilla.147:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.2o7
:mozilla.156:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Abum
:mozilla.157:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Adknowledge
:mozilla.158:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Abum
:mozilla.159:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Fastclick
:mozilla.160:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.161:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.162:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.173:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.174:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.175:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.176:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.177:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.178:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.179:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.180:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.181:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.183:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.184:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.185:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.186:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.191:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.192:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.193:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Wwwbettycrocker
:mozilla.197:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Checkm8
:mozilla.198:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Checkm8
:mozilla.199:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Checkm8
:mozilla.200:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Checkm8
:mozilla.204:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Ru4
:mozilla.206:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.207:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.208:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.209:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.210:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.12:C:\Documents and Settings\Shamai\Application Data\Mozilla\Profiles\default\rll6lq4o.slt\cookies.txt -> Spyware.Cookie.Questionmarket
C:\Documents and Settings\Shamai\Cookies\shamai@888[2].txt -> Spyware.Cookie.888.com
C:\Documents and Settings\Shamai\Cookies\shamai@a.websponsors[1].txt -> Spyware.Cookie.Websponsors
C:\Documents and Settings\Shamai\Cookies\shamai@aavalue[1].txt -> Spyware.Cookie.Aavalue
C:\Documents and Settings\Shamai\Cookies\shamai@abetterinternet[2].txt -> Spyware.Cookie.Abetterinternet
C:\Documents and Settings\Shamai\Cookies\shamai@adknowledge[2].txt -> Spyware.Cookie.Adknowledge
C:\Documents and Settings\Shamai\Cookies\shamai@adultfriendfinder[1].txt -> Spyware.Cookie.Adult-friend-finder
C:\Documents and Settings\Shamai\Cookies\shamai@aimtoday.aol[1].txt -> Spyware.Cookie.Aol
C:\Documents and Settings\Shamai\Cookies\shamai@atdmt[2].txt -> Spyware.Cookie.Atdmt
C:\Documents and Settings\Shamai\Cookies\shamai@azjmp[1].txt -> Spyware.Cookie.Azjmp
C:\Documents and Settings\Shamai\Cookies\shamai@bigchurch[2].txt -> Spyware.Cookie.Bigchurch
C:\Documents and Settings\Shamai\Cookies\shamai@btg.btgrab[1].txt -> Spyware.Cookie.Btgrab
C:\Documents and Settings\Shamai\Cookies\shamai@chtah[1].txt -> Spyware.Cookie.Chtah
C:\Documents and Settings\Shamai\Cookies\shamai@cliks[2].txt -> Spyware.Cookie.Cliks
C:\Documents and Settings\Shamai\Cookies\shamai@creativeby.viewpoint[1].txt -> Spyware.Cookie.Viewpoint
C:\Documents and Settings\Shamai\Cookies\shamai@desktop.kazaa[1].txt -> Spyware.Cookie.Kazaa
C:\Documents and Settings\Shamai\Cookies\shamai@dist.belnk[2].txt -> Spyware.Cookie.Belnk
C:\Documents and Settings\Shamai\Cookies\shamai@dr.webservicehosts[1].txt -> Spyware.Cookie.Webservicehosts
C:\Documents and Settings\Shamai\Cookies\shamai@e.rn11[1].txt -> Spyware.Cookie.Rn11
C:\Documents and Settings\Shamai\Cookies\shamai@emarketmakers[2].txt -> Spyware.Cookie.Emarketmakers
C:\Documents and Settings\Shamai\Cookies\shamai@eztracks.aavalue[2].txt -> Spyware.Cookie.Aavalue
C:\Documents and Settings\Shamai\Cookies\shamai@hoylegames.sierra[1].txt -> Spyware.Cookie.Sierra
C:\Documents and Settings\Shamai\Cookies\shamai@kazaa[1].txt -> Spyware.Cookie.Kazaa
C:\Documents and Settings\Shamai\Cookies\shamai@login.tracking101[2].txt -> Spyware.Cookie.Tracking101
C:\Documents and Settings\Shamai\Cookies\shamai@mediaplex[1].txt -> Spyware.Cookie.Mediaplex
C:\Documents and Settings\Shamai\Cookies\shamai@myway[2].txt -> Spyware.Cookie.Myway
C:\Documents and Settings\Shamai\Cookies\shamai@mywebsearch[1].txt -> Spyware.Cookie.Mywebsearch
C:\Documents and Settings\Shamai\Cookies\shamai@namesdatabase[2].txt -> Spyware.Cookie.Namesdatabase
C:\Documents and Settings\Shamai\Cookies\shamai@offeroptimizer[2].txt -> Spyware.Cookie.Offeroptimizer
C:\Documents and Settings\Shamai\Cookies\shamai@partner2profit[2].txt -> Spyware.Cookie.Partner2profit
C:\Documents and Settings\Shamai\Cookies\shamai@pyn.pynix[2].txt -> Spyware.Cookie.Pynix
C:\Documents and Settings\Shamai\Cookies\shamai@rightmedia[2].txt -> Spyware.Cookie.Rightmedia
C:\Documents and Settings\Shamai\Cookies\shamai@rn11[2].txt -> Spyware.Cookie.Rn11
C:\Documents and Settings\Shamai\Cookies\shamai@sageanalyst[1].txt -> Spyware.Cookie.Sageanalyst
C:\Documents and Settings\Shamai\Cookies\shamai@ssa.kazaa[1].txt -> Spyware.Cookie.Kazaa
C:\Documents and Settings\Shamai\Cookies\shamai@webservicehosts[1].txt -> Spyware.Cookie.Webservicehosts
C:\Documents and Settings\Shamai\Cookies\shamai@www.azoogleads[2].txt -> Spyware.Cookie.Azoogleads
C:\Documents and Settings\Shamai\Cookies\shamai@www.match[2].txt -> Spyware.Cookie.Wwwmatch
C:\Documents and Settings\Shamai\Local Settings\Temp\p2psetup.exe -> Spyware.P2PNetworking
C:\Documents and Settings\Shamai\Local Settings\Temp\THI2810.tmp\pynix.cab/Pynix.dll -> Spyware.BiSpy
C:\Documents and Settings\Shamai\Local Settings\Temp\THI2810.tmp\pynix.cab/polall1p.exe -> Trojan.Agent.ay
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Spyware.Wheaterbug
C:\Program Files\Hewlett-Packard\Memories Disc\hpodlog.exe -> Heuristic.Win32.Hijacker1
C:\Program Files\Microsoft Office\Office\MSOHTMED.EXE -> Heuristic.Win32.Downloader
C:\WINDOWS\bshpejk.exe -> Spyware.BetterInternet
C:\WINDOWS\NDNuninstall6_38.exe -> Spyware.NewDotNet
C:\WINDOWS\vmithbmnj.exe -> Spyware.BetterInternet
C:\WINDOWS\wupdt.exe -> TrojanDownloader.Intexp.c
::Report End
Scan saved at 4:08:22 PM, on 6/20/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
c:\windows\system32\cstqpn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll (file missing)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iotfss] c:\windows\system32\cstqpn.exe r
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
EWIDO Log
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 3:53:40 PM, 6/20/2005
+ Report-Checksum: 9931B0D6
+ Scan result:
HKLM\SOFTWARE\Classes\IMIToolbar.BottomFrame -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.BottomFrame\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.BottomFrame\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.LeftFrame -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.LeftFrame\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.LeftFrame\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupBrowser -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupBrowser\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupBrowser\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupWindow -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupWindow\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\IMIToolbar.PopupWindow\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\Wbho.Band -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\Wbho.Band\CLSID -> Spyware.IEPlugin
HKLM\SOFTWARE\Classes\Wbho.Band\CurVer -> Spyware.IEPlugin
HKLM\SOFTWARE\eUniverse -> Spyware.KeenValue
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PUK -> Spyware.CometCursor
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RelevantKnowledge -> Spyware.BroadCastPC
HKU\S-1-5-21-1844237615-839522115-682003330-1004\Software\intexp -> Spyware.IEPlugin
HKU\S-1-5-21-1844237615-839522115-682003330-1004\Software\intexp\Config -> Spyware.IEPlugin
HKU\S-1-5-21-1844237615-839522115-682003330-1004\Software\intexp\MyFileSystem2 -> Spyware.IEPlugin
:mozilla.10:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adjuggler
:mozilla.11:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Atdmt
:mozilla.22:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.23:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.24:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.25:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.30:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Mediaplex
:mozilla.32:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Netshelter
:mozilla.33:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Netshelter
:mozilla.34:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adtech
:mozilla.35:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adtech
:mozilla.40:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Questionmarket
:mozilla.48:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Doubleclick
:mozilla.49:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.50:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.51:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.52:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.53:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.54:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adrevolver
:mozilla.55:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adserver
:mozilla.56:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Fastclick
:mozilla.57:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Fastclick
:mozilla.58:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Fastclick
:mozilla.59:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adserver
:mozilla.60:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adserver
:mozilla.61:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adserver
:mozilla.62:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Partner2profit
:mozilla.73:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.74:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.77:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.84:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.100:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Overture
:mozilla.101:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram
:mozilla.102:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram
:mozilla.123:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Timeinc
:mozilla.128:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tribalfusion
:mozilla.129:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tribalfusion
:mozilla.130:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tribalfusion
:mozilla.131:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tribalfusion
:mozilla.132:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Googleadservices
:mozilla.133:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Com
:mozilla.134:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Com
:mozilla.136:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Wwwdownload
:mozilla.137:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webshots
:mozilla.150:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Miniclip
:mozilla.151:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Miniclip
:mozilla.152:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.153:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.154:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.155:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.156:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.157:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.158:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.159:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.160:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.161:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.162:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.163:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.164:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.165:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.166:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.167:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.168:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.169:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.170:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.171:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.172:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.173:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.174:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.175:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.176:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.177:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.178:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.179:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.180:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.181:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.182:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.183:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.184:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.185:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.186:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.187:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.188:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.189:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.190:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.191:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.192:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.199:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.200:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.201:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.217:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Targetgraph
:mozilla.218:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Targetgraph
:mozilla.219:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Targetgraph
:mozilla.221:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.2o7
:mozilla.225:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Abum
:mozilla.226:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Abum
:mozilla.227:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adknowledge
:mozilla.228:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.229:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.230:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.231:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.232:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.240:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Adlegend
:mozilla.241:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.243:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.244:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.249:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Belnk
:mozilla.253:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Intellisrv
:mozilla.254:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Intellisrv
:mozilla.255:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Intellisrv
:mozilla.256:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Intellisrv
:mozilla.260:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Humanclick
:mozilla.261:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Humanclick
:mozilla.262:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Humanclick
:mozilla.263:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.264:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.265:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.266:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.267:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webtrendslive
:mozilla.268:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webtrendslive
:mozilla.269:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitslink
:mozilla.270:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitslink
:mozilla.271:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitslink
:mozilla.272:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitslink
:mozilla.288:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Imrworldwide
:mozilla.290:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Imrworldwide
:mozilla.304:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Coremetrics
:mozilla.327:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webstat
:mozilla.328:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Webstat
:mozilla.332:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Bravenet
:mozilla.333:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Bravenet
:mozilla.349:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Maxserving
:mozilla.351:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.353:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.354:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.355:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.356:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.357:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Valueclick
:mozilla.358:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Realtechnetwork
:mozilla.359:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Valueclick
:mozilla.360:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Realmedia
:mozilla.361:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Realmedia
:mozilla.362:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Realmedia
:mozilla.363:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Tmcs
:mozilla.379:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.385:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Centrport
:mozilla.386:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Ru4
:mozilla.387:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Ru4
:mozilla.390:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Element5
:mozilla.391:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ujdoam5u.default\cookies.txt -> Spyware.Cookie.Wwwdownload
C:\Documents and Settings\Bryan\Cookies\bryan@888[1].txt -> Spyware.Cookie.888.com
C:\Documents and Settings\Bryan\Cookies\bryan@abetterinternet[2].txt -> Spyware.Cookie.Abetterinternet
C:\Documents and Settings\Bryan\Cookies\bryan@aimtoday.aol[1].txt -> Spyware.Cookie.Aol
C:\Documents and Settings\Bryan\Cookies\bryan@btg.btgrab[1].txt -> Spyware.Cookie.Btgrab
C:\Documents and Settings\Bryan\Cookies\bryan@cliks[1].txt -> Spyware.Cookie.Cliks
C:\Documents and Settings\Bryan\Cookies\bryan@doubleclick[1].txt -> Spyware.Cookie.Doubleclick
C:\Documents and Settings\Bryan\Cookies\bryan@emarketmakers[1].txt -> Spyware.Cookie.Emarketmakers
C:\Documents and Settings\Bryan\Cookies\bryan@linksynergy[2].txt -> Spyware.Cookie.Linksynergy
C:\Documents and Settings\Bryan\Cookies\bryan@myway[2].txt -> Spyware.Cookie.Myway
C:\Documents and Settings\Bryan\Cookies\bryan@netflix[2].txt -> Spyware.Cookie.Netflix
C:\Documents and Settings\Bryan\Cookies\bryan@offeroptimizer[1].txt -> Spyware.Cookie.Offeroptimizer
C:\Documents and Settings\Bryan\Cookies\bryan@www.azoogleads[2].txt -> Spyware.Cookie.Azoogleads
C:\Documents and Settings\Bryan\Cookies\bryan@www.everyfreegift[2].txt -> Spyware.Cookie.Everyfreegift
:mozilla.9:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Atdmt
:mozilla.26:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.27:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.28:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.29:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.30:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Serving-sys
:mozilla.31:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.32:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.33:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.34:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.35:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.36:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.37:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.38:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.39:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Netflix
:mozilla.40:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Doubleclick
:mozilla.57:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Questionmarket
:mozilla.58:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Mediaplex
:mozilla.59:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Valueclick
:mozilla.60:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Valueclick
:mozilla.64:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bluestreak
:mozilla.66:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Centrport
:mozilla.67:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Centrport
:mozilla.75:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.76:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.77:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.78:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.79:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.80:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.82:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.83:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.84:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.85:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.86:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.87:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.88:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.89:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.90:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.91:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.92:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.93:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.94:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.95:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.96:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.97:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.99:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.100:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.101:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.102:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.103:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Advertising
:mozilla.107:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Imrworldwide
:mozilla.108:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Webtrendslive
:mozilla.109:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Imrworldwide
:mozilla.111:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Coremetrics
:mozilla.117:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Apmebf
:mozilla.118:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Qksrv
:mozilla.119:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Qksrv
:mozilla.120:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Apmebf
:mozilla.121:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Addfreestats
:mozilla.122:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bfast
:mozilla.124:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.125:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Overture
:mozilla.126:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Overture
:mozilla.127:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bizrate
:mozilla.128:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.129:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Hitbox
:mozilla.130:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bizrate
:mozilla.135:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bizrate
:mozilla.136:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Bizrate
:mozilla.145:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.2o7
:mozilla.146:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.2o7
:mozilla.147:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.2o7
:mozilla.156:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Abum
:mozilla.157:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Adknowledge
:mozilla.158:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Abum
:mozilla.159:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Fastclick
:mozilla.160:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.161:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.162:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Casalemedia
:mozilla.173:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.174:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.175:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.176:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.177:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Trafficmp
:mozilla.178:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.179:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.180:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Zedo
:mozilla.181:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.183:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.184:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.185:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.186:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.About
:mozilla.191:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.192:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Specificclick
:mozilla.193:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Wwwbettycrocker
:mozilla.197:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Checkm8
:mozilla.198:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Checkm8
:mozilla.199:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Checkm8
:mozilla.200:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Checkm8
:mozilla.204:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Ru4
:mozilla.206:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.207:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.208:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.209:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.210:C:\Documents and Settings\Shamai\Application Data\Mozilla\Firefox\Profiles\unpvm2y6.default\cookies.txt -> Spyware.Cookie.Pointroll
:mozilla.12:C:\Documents and Settings\Shamai\Application Data\Mozilla\Profiles\default\rll6lq4o.slt\cookies.txt -> Spyware.Cookie.Questionmarket
C:\Documents and Settings\Shamai\Cookies\shamai@888[2].txt -> Spyware.Cookie.888.com
C:\Documents and Settings\Shamai\Cookies\shamai@a.websponsors[1].txt -> Spyware.Cookie.Websponsors
C:\Documents and Settings\Shamai\Cookies\shamai@aavalue[1].txt -> Spyware.Cookie.Aavalue
C:\Documents and Settings\Shamai\Cookies\shamai@abetterinternet[2].txt -> Spyware.Cookie.Abetterinternet
C:\Documents and Settings\Shamai\Cookies\shamai@adknowledge[2].txt -> Spyware.Cookie.Adknowledge
C:\Documents and Settings\Shamai\Cookies\shamai@adultfriendfinder[1].txt -> Spyware.Cookie.Adult-friend-finder
C:\Documents and Settings\Shamai\Cookies\shamai@aimtoday.aol[1].txt -> Spyware.Cookie.Aol
C:\Documents and Settings\Shamai\Cookies\shamai@atdmt[2].txt -> Spyware.Cookie.Atdmt
C:\Documents and Settings\Shamai\Cookies\shamai@azjmp[1].txt -> Spyware.Cookie.Azjmp
C:\Documents and Settings\Shamai\Cookies\shamai@bigchurch[2].txt -> Spyware.Cookie.Bigchurch
C:\Documents and Settings\Shamai\Cookies\shamai@btg.btgrab[1].txt -> Spyware.Cookie.Btgrab
C:\Documents and Settings\Shamai\Cookies\shamai@chtah[1].txt -> Spyware.Cookie.Chtah
C:\Documents and Settings\Shamai\Cookies\shamai@cliks[2].txt -> Spyware.Cookie.Cliks
C:\Documents and Settings\Shamai\Cookies\shamai@creativeby.viewpoint[1].txt -> Spyware.Cookie.Viewpoint
C:\Documents and Settings\Shamai\Cookies\shamai@desktop.kazaa[1].txt -> Spyware.Cookie.Kazaa
C:\Documents and Settings\Shamai\Cookies\shamai@dist.belnk[2].txt -> Spyware.Cookie.Belnk
C:\Documents and Settings\Shamai\Cookies\shamai@dr.webservicehosts[1].txt -> Spyware.Cookie.Webservicehosts
C:\Documents and Settings\Shamai\Cookies\shamai@e.rn11[1].txt -> Spyware.Cookie.Rn11
C:\Documents and Settings\Shamai\Cookies\shamai@emarketmakers[2].txt -> Spyware.Cookie.Emarketmakers
C:\Documents and Settings\Shamai\Cookies\shamai@eztracks.aavalue[2].txt -> Spyware.Cookie.Aavalue
C:\Documents and Settings\Shamai\Cookies\shamai@hoylegames.sierra[1].txt -> Spyware.Cookie.Sierra
C:\Documents and Settings\Shamai\Cookies\shamai@kazaa[1].txt -> Spyware.Cookie.Kazaa
C:\Documents and Settings\Shamai\Cookies\shamai@login.tracking101[2].txt -> Spyware.Cookie.Tracking101
C:\Documents and Settings\Shamai\Cookies\shamai@mediaplex[1].txt -> Spyware.Cookie.Mediaplex
C:\Documents and Settings\Shamai\Cookies\shamai@myway[2].txt -> Spyware.Cookie.Myway
C:\Documents and Settings\Shamai\Cookies\shamai@mywebsearch[1].txt -> Spyware.Cookie.Mywebsearch
C:\Documents and Settings\Shamai\Cookies\shamai@namesdatabase[2].txt -> Spyware.Cookie.Namesdatabase
C:\Documents and Settings\Shamai\Cookies\shamai@offeroptimizer[2].txt -> Spyware.Cookie.Offeroptimizer
C:\Documents and Settings\Shamai\Cookies\shamai@partner2profit[2].txt -> Spyware.Cookie.Partner2profit
C:\Documents and Settings\Shamai\Cookies\shamai@pyn.pynix[2].txt -> Spyware.Cookie.Pynix
C:\Documents and Settings\Shamai\Cookies\shamai@rightmedia[2].txt -> Spyware.Cookie.Rightmedia
C:\Documents and Settings\Shamai\Cookies\shamai@rn11[2].txt -> Spyware.Cookie.Rn11
C:\Documents and Settings\Shamai\Cookies\shamai@sageanalyst[1].txt -> Spyware.Cookie.Sageanalyst
C:\Documents and Settings\Shamai\Cookies\shamai@ssa.kazaa[1].txt -> Spyware.Cookie.Kazaa
C:\Documents and Settings\Shamai\Cookies\shamai@webservicehosts[1].txt -> Spyware.Cookie.Webservicehosts
C:\Documents and Settings\Shamai\Cookies\shamai@www.azoogleads[2].txt -> Spyware.Cookie.Azoogleads
C:\Documents and Settings\Shamai\Cookies\shamai@www.match[2].txt -> Spyware.Cookie.Wwwmatch
C:\Documents and Settings\Shamai\Local Settings\Temp\p2psetup.exe -> Spyware.P2PNetworking
C:\Documents and Settings\Shamai\Local Settings\Temp\THI2810.tmp\pynix.cab/Pynix.dll -> Spyware.BiSpy
C:\Documents and Settings\Shamai\Local Settings\Temp\THI2810.tmp\pynix.cab/polall1p.exe -> Trojan.Agent.ay
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Spyware.Wheaterbug
C:\Program Files\Hewlett-Packard\Memories Disc\hpodlog.exe -> Heuristic.Win32.Hijacker1
C:\Program Files\Microsoft Office\Office\MSOHTMED.EXE -> Heuristic.Win32.Downloader
C:\WINDOWS\bshpejk.exe -> Spyware.BetterInternet
C:\WINDOWS\NDNuninstall6_38.exe -> Spyware.NewDotNet
C:\WINDOWS\vmithbmnj.exe -> Spyware.BetterInternet
C:\WINDOWS\wupdt.exe -> TrojanDownloader.Intexp.c
::Report End
Remove Newdotnet either from Add/Remove Programs, or by going to http://www.newdotnet.com/#remove and scrolling down to the Uninstall tool.
For every User listed under C:\Documents and Settings, delete the entire contents of these folders (not the folders themselves):
Local Settings\Temp
Cookies
History
Local Settings\Temporary Internet Files\Content.IE5
Delete the entire contents of your C:\Windows\Temp folder.
Delete the entire contents of your C:\Temp folder (if you have one).
Do a search for *.tmp and delete all entries found.
Go to Start, Run, and type in cleanmgr, and then click OK. Select the drive XP is on, and check the boxes for Downloaded Program Files (move any files you wish to keep out of this folder first), Temporary Internet Files, Recycle Bin, Temporary Files, Temporary Offline Files, Offline Files, (and Compress old files & Catalog files for the Content Indexer if you wish), and then click OK. Click Yes to confirm you want these files deleted. It may take awhile for this to run, please be patient.
Note: if any of these temporary files cannot be deleted while in normal mode, try Safe Mode.
Open Firefox, go to Tools, Options, and click on Privacy (padlock icon on the left); click on the Clear All button.
Go to Add/Remove Programs in your Control Panel and remove Kazaa.
Get Kazaabegone to remove all remnants of Kazaa:
http://www.spychecker.com/program/kazaagone.html
Before running Kazaabegone, download LSPfix from http://www.computercops.biz/downloads-file-334.html (the process of getting rid of Kazaa sometimes messes up the internet connection and this will allow you to restore it).
Run Kazaabegone; if your internet connection is lost, start LSPfix.
On the opening screen, click the I know what I'm doing checkbox. Then click Finish.
That will restore all previous settings.
Scan with hijackthis and have it fix the following entries:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll (file missing)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [iotfss] c:\windows\system32\cstqpn.exe r
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
Remember to close any open windows before hitting Fix checked.
Did you find out if these are legit?
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
Go to the following locations and delete the highlighted files:
C:\WINDOWS\systb.dll
C:\windows\system32\cstqpn.exe
Empty your Recycle Bin, reboot, and post a new hijackthis log please.
For every User listed under C:\Documents and Settings, delete the entire contents of these folders (not the folders themselves):
Local Settings\Temp
Cookies
History
Local Settings\Temporary Internet Files\Content.IE5
Delete the entire contents of your C:\Windows\Temp folder.
Delete the entire contents of your C:\Temp folder (if you have one).
Do a search for *.tmp and delete all entries found.
Go to Start, Run, and type in cleanmgr, and then click OK. Select the drive XP is on, and check the boxes for Downloaded Program Files (move any files you wish to keep out of this folder first), Temporary Internet Files, Recycle Bin, Temporary Files, Temporary Offline Files, Offline Files, (and Compress old files & Catalog files for the Content Indexer if you wish), and then click OK. Click Yes to confirm you want these files deleted. It may take awhile for this to run, please be patient.
Note: if any of these temporary files cannot be deleted while in normal mode, try Safe Mode.
Open Firefox, go to Tools, Options, and click on Privacy (padlock icon on the left); click on the Clear All button.
Go to Add/Remove Programs in your Control Panel and remove Kazaa.
Get Kazaabegone to remove all remnants of Kazaa:
http://www.spychecker.com/program/kazaagone.html
Before running Kazaabegone, download LSPfix from http://www.computercops.biz/downloads-file-334.html (the process of getting rid of Kazaa sometimes messes up the internet connection and this will allow you to restore it).
Run Kazaabegone; if your internet connection is lost, start LSPfix.
On the opening screen, click the I know what I'm doing checkbox. Then click Finish.
That will restore all previous settings.
Scan with hijackthis and have it fix the following entries:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll (file missing)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [iotfss] c:\windows\system32\cstqpn.exe r
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
Remember to close any open windows before hitting Fix checked.
Did you find out if these are legit?
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
Go to the following locations and delete the highlighted files:
C:\WINDOWS\systb.dll
C:\windows\system32\cstqpn.exe
Empty your Recycle Bin, reboot, and post a new hijackthis log please.
•
•
•
•
Originally Posted by dlh6213
Remove Newdotnet either from Add/Remove Programs, or by going to http://www.newdotnet.com/#remove and scrolling down to the Uninstall tool.
•
•
•
•
Originally Posted by dlh6213
For every User listed under C:\Documents and Settings, delete the entire contents of these folders (not the folders themselves):
Local Settings\Temp
Cookies
History
Local Settings\Temporary Internet Files\Content.IE5
•
•
•
•
Originally Posted by dlh6213
Do a search for *.tmp and delete all entries found.
Sorry, that site has been revised; please go here instead and follow the instructions:
http://www.newdotnet.com/removal.html
Your system needs to be set to Show hidden files and folders in order to see those folders.
Deleting the temp files hurt won't the programs.
http://www.newdotnet.com/removal.html
Your system needs to be set to Show hidden files and folders in order to see those folders.
Deleting the temp files hurt won't the programs.
ok did all that and here you go.....
Logfile of HijackThis v1.99.1
Scan saved at 12:22:33 AM, on 6/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
c:\windows\system32\coyeps.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [qisqtc] c:\windows\system32\coyeps.exe r
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Logfile of HijackThis v1.99.1
Scan saved at 12:22:33 AM, on 6/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
c:\windows\system32\coyeps.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [qisqtc] c:\windows\system32\coyeps.exe r
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B869A6F-B0FE-440E-96C9-D20A237B706A}: NameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{99C2A277-40E5-4C84-9214-A21786E4CA32}: NameServer = 4.2.2.2
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Do this again please...
Reboot into Safe Mode.
Double-click on the Nailfix.bat that is on your desktop.
When it's finished, run a full system scan with Ewido.
Reboot normally.
Scan with hijackthis and have it fix the following entries:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [qisqtc] c:\windows\system32\coyeps.exe r
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
Be sure to close all open windows before hitting Fix checked.
go to the following locations and delete the highlighted files:
C:\WINDOWS\Nail.exe
C:\windows\system32\coyeps.exe
C:\WINDOWS\svcproc.exe
Reboot and post a new hijackthis log and the new Ewido log.
Reboot into Safe Mode.
Double-click on the Nailfix.bat that is on your desktop.
When it's finished, run a full system scan with Ewido.
Reboot normally.
Scan with hijackthis and have it fix the following entries:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [qisqtc] c:\windows\system32\coyeps.exe r
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
Be sure to close all open windows before hitting Fix checked.
go to the following locations and delete the highlighted files:
C:\WINDOWS\Nail.exe
C:\windows\system32\coyeps.exe
C:\WINDOWS\svcproc.exe
Reboot and post a new hijackthis log and the new Ewido log.
|
Similar Threads
- DrPmon.dll & Aurora problems (Viruses, Spyware and other Nasties)
- DrPmon.dll & Aurora problems (Viruses, Spyware and other Nasties)
- DrPmon.dll & Aurora problems (Viruses, Spyware and other Nasties)
- Aurora/drpmon.dll - assistance needed (Viruses, Spyware and other Nasties)
- Aurora popups and Drpmon.dll trouble (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: threats, virus, etc cant be removed
- Next Thread: Persistent Spyware(hijack log included)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet censorship china commercials conficker connect control crosssitescripting cyber cyberwarfare ddos domains e-mafia education email europe exploit facebook fake fancheckvirus gaming gtaiv gumblar halloween hijack internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police president privacy pro problem redirect redirecting reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses war warning windows worm yahoo zeroday
