Viruses, Spyware and other Nasties RSS Viruses, Spyware and other Nasties RSS

Help Red Circle etc.. HJT file enc

Reply

Join Date: Apr 2006
Posts: 4
Reputation: Jav is an unknown quantity at this point 
Solved Threads: 0
Jav Jav is offline Offline
Unverified User

Help Red Circle etc.. HJT file enc

 
0
  #1
Apr 13th, 2006
Hope you can help me, ive got the red circle with white cross... its messing up my browser and with annoying pop ups ... ive done the HJT and the log is as follows :-

Logfile of HijackThis v1.99.1
Scan saved at 15:41:15, on 13/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\QuickTime\qttask.exe
C:\Documents and Settings\Javeed\Application Data\sgrunt\IE4321.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\winstall.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\WINDOWS\Downloaded Program Files\CONFLICT.7\AUTO_4289_N.exe
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\dialere.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Javeed\My Documents\Unzipped\hijackthis[1]\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [] winlog.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [winsupdater] C:\Program Files\winsupdater\winsupdater.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Olympic] C:\Documents and Settings\Javeed\Application Data\sgrunt\IE4321.exe
O4 - HKLM\..\RunServices: [] winlog.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: www.xbeta69.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} - http://www.sgrunt.biz/closer/close.exe
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

your help will be really appreciated.
Reply With Quote Quick reply to this message  
Join Date: Jul 2005
Posts: 1,542
Reputation: tayspen is on a distinguished road 
Solved Threads: 98
Team Colleague
tayspen's Avatar
tayspen tayspen is offline Offline
<Insert title here>

Re: Help Red Circle etc.. HJT file enc

 
0
  #2
Apr 13th, 2006
Ok, you have a fair amount of nasties. Lets knock some out with scanners before we proceed manually.

Download the Free trial version of Spysweeper

http://www.webroot.com/consumer/pro...&rc=4129&ac=tsg

Update the defintions and run it.

Then download ewido

www.ewido.net - Install. Update. Scan. Remove anything it finds.

Download smitRem.exe (http://www.bleepingcomputer.com/resources/link240.html), saving the file to your desktop. Double click it to extract the contents to a folder of it's own. Restart your computer in safe mode, logon to the user account that is infected, open the smitRem folder and double click the RunThis.bat file to start the tool. Follow the prompts on screen and allow disk cleanup to complete. Upon reboot, you can reset your desktop background.

Then run HJT again, select "Do System Scan only", then place a check next to these items.

O15 - Trusted Zone: www.archiviosex.net

O15 - Trusted Zone: www.linkautomatici.com

O15 - Trusted Zone: www.redfunny.com

O15 - Trusted Zone: www.sgrunt.biz

O15 - Trusted Zone: www.skymasters.biz

O15 - Trusted Zone: www.xbeta69.com

O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} - http://www.sgrunt.biz/closer/close.exe
Click Fix Checked.

Then post a new HJT log, the ewido log, the Spysweeper log, and the contents of C:\smitfiles.txt
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes

Member - Alliance of Security Analysis Professionals - Since 2006
Reply With Quote Quick reply to this message  
Join Date: Apr 2006
Posts: 4
Reputation: Jav is an unknown quantity at this point 
Solved Threads: 0
Jav Jav is offline Offline
Unverified User

Re: Help Red Circle etc.. HJT file enc

 
0
  #3
Apr 15th, 2006
Hi, right i think the nasties started messing with my internet. i ran nortan antivirus it detected a 35 and deleted them and hence i was able to get back online. below are the spy sweeper logs, the awido crashed half way thru so i didnt get a log for that part. second time round it was complete and the log is below. no probs with the smit, log below and finally the HJT log...

|··· Saturday, 15 April 2006 10:46 PM ···|
Updating software definitions
Your software definitions have been updated.
10:53 PM Sweeping memory for active software.
10:53 PM Memory sweep has completed.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
Found: Backweb registry trace.
10:53 PM Registry sweep completed.
10:53 PM Full sweep on all local drives initiated.
10:53 PM Now sweeping drive C:
Found Cookie: About Cookie, version 1
Found Cookie: About Cookie, version 1
Found Cookie: BurstNet Cookie, version 1
Found Cookie: About Cookie, version 1
Found Cookie: Clickbank Cookie, version 1
Found Cookie: Com.com Cookie, version 1
Found Cookie: Counter Cookie, version 1
Found Cookie: Counter Cookie, version 1
Found Cookie: Overture Cookie, version 1
Found Cookie: Dealtime Cookie, version 1
Found Cookie: About Cookie, version 1
Found Cookie: Travelocity.com Cookie, version 1
Found Cookie: Com.com Cookie, version 1
Found Cookie: Com.com Cookie, version 1
Found Cookie: Com.com Cookie, version 1
Found Cookie: About Cookie, version 1
Found Cookie: HowStuffWorks Cookie, version 1
Found Cookie: About Cookie, version 1
Found Cookie: One-time-offer Cookie, version 1
Found Cookie: Passport Cookie, version 1
Found Cookie: Passport Cookie, version 1
Found Cookie: LivePerson Cookie, version 1
Found Cookie: Falkag Cookie, version 1
Found Cookie: About Cookie, version 1
Found Cookie: freestats.net Cookie, version 1
Found Cookie: Dealtime Cookie, version 1
Found Cookie: About Cookie, version 1
Found Cookie: Com.com Cookie, version 1
Found Cookie: Com.com Cookie, version 1
Found Adware: SaveNow - WhenUSave, version 1.6.0.1
Found Adware: SaveNow - WhenUSave, version 1.6.0.1
Found Adware: SaveNow - WhenUSave, version 1.6.0.1
Found Adware: Backweb, version 1
Found Adware: Backweb, version 1
Found Adware: Backweb, version 1
Found Adware: Backweb, version 1
Found Adware: Backweb, version 1
Found Adware: Backweb, version 1
Found Adware: Backweb, version 1
Found Adware: Backweb, version 1
Found Adware: Backweb, version 1
Found Adware: Internet Washer, version 1
Found System Monitor: Spy Sweeper Update, version 1
Found Adware: Backweb, version 1
11:16 PM Full Sweep has completed. Elapsed time 0 hours, 22 minutes, 46 seconds.
Files swept: 76,116
Software Located: 778
Spy Sweeper quarantined a cookie: About Cookie
Spy Sweeper quarantined a cookie: About Cookie
Spy Sweeper quarantined a cookie: About Cookie
Spy Sweeper quarantined a cookie: About Cookie
Spy Sweeper quarantined a cookie: About Cookie
Spy Sweeper quarantined a cookie: About Cookie
Spy Sweeper quarantined a cookie: About Cookie
Spy Sweeper quarantined a cookie: About Cookie
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined registry traces of: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined: Backweb
Spy Sweeper quarantined a cookie: BurstNet Cookie
Spy Sweeper quarantined a cookie: Clickbank Cookie
Spy Sweeper quarantined a cookie: Com.com Cookie
Spy Sweeper quarantined a cookie: Com.com Cookie
Spy Sweeper quarantined a cookie: Com.com Cookie
Spy Sweeper quarantined a cookie: Com.com Cookie
Spy Sweeper quarantined a cookie: Com.com Cookie
Spy Sweeper quarantined a cookie: Com.com Cookie
Spy Sweeper quarantined a cookie: Counter Cookie
Spy Sweeper quarantined a cookie: Counter Cookie
Spy Sweeper quarantined a cookie: Dealtime Cookie
Spy Sweeper quarantined a cookie: Dealtime Cookie
Spy Sweeper quarantined a cookie: Falkag Cookie
Spy Sweeper quarantined a cookie: freestats.net Cookie
Spy Sweeper quarantined a cookie: HowStuffWorks Cookie
Spy Sweeper quarantined: Internet Washer
Spy Sweeper quarantined a cookie: LivePerson Cookie
Spy Sweeper quarantined a cookie: One-time-offer Cookie
Spy Sweeper quarantined a cookie: Overture Cookie
Spy Sweeper quarantined a cookie: Passport Cookie
Spy Sweeper quarantined a cookie: Passport Cookie
Spy Sweeper quarantined: SaveNow - WhenUSave
Spy Sweeper quarantined: SaveNow - WhenUSave
Spy Sweeper quarantined: SaveNow - WhenUSave
Spy Sweeper quarantined a cookie: Travelocity.com Cookie
Spy Sweeper quarantined: Spy Sweeper Update
········· End of Session 11:28 PM ·········


|··· Saturday, 15 April 2006 11:29 PM ···|

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 00:20:32, 16/04/2006
+ Report-Checksum: 9BF57506

+ Scan result:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhenUSaveMsg -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@clickbank[2].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfk4ogc5wbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkiggc5edp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkigpdzmlq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkiohazkco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkiqgcjebo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkiujdpmaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkoalajgbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkoeid5gfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkoekczoko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkownazgeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkyehdpshp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkyglazagq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfkykmc5ehp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfl4skd5obq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfliepdpkko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wflikgajcfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wflikncpsep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wflioldzikq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wflioodzgbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfloagajwep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfloojczgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfloqhcpecq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfloqicpgap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wflougdjsbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wflowjczakp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wflyeod5mhq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wfmywndziao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgk4khcjedo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgk4qkazedq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgkigodjkcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgkiohcjafo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgkiqmczado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgkoekcjeeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgkoggc5gcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgkoqgdpwbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgkycocpiap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wgkyoidjico.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjl4kjc5klp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjl4ojdzabq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjl4qlcpgdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjl4spdjmeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjl4wmcjehq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjl4wpd5kdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjliandjeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjlieod5kap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjliogc5slp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjliqncpolo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjloclczago.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjloogcpebp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjloogcpwdq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjlookdjshp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjlowjcjido.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjlyugcjwaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjmiagdjaep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjmiwmcjofo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjmyajazwbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjmyapcjobq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjmyomdpeaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@e-2dj6wjnyqoazehq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Javeed\Cookies\javeed@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\11733.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\13858.exe -> Not-A-Virus.Hoax.Win32.Renos.bm : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\13888.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\16218.exe -> Not-A-Virus.Hoax.Win32.Renos.al : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\16357.exe -> Not-A-Virus.Hoax.Win32.Renos.bm : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\16682.exe -> Not-A-Virus.Hoax.Win32.Renos.bm : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\16730.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\17917.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\19570.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\1995.exe -> Not-A-Virus.Hoax.Win32.Renos.al : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\20089.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\22092.exe -> Not-A-Virus.Hoax.Win32.Renos.bm : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\23446.exe -> Not-A-Virus.Hoax.Win32.Renos.ad : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\24303.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\27096.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\3949.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\640.exe -> Not-A-Virus.Hoax.Win32.Renos.bj : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\6663.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\8194.exe -> Not-A-Virus.Hoax.Win32.Renos.az : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\8426.exe -> Not-A-Virus.Hoax.Win32.Renos.bw : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temp\VVSNInst.exe -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temporary Internet Files\Content.IE5\7ZDBNL8W\prompt[2].htm -> Downloader.IstBar.j : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temporary Internet Files\Content.IE5\A9C3EPI5\dai[1].exe -> Trojan.Dialer.on : Cleaned with backup
C:\Documents and Settings\Javeed\Local Settings\Temporary Internet Files\Content.IE5\JA03RHG9\dialere[1].exe -> Trojan.Dialer.on : Cleaned with backup
C:\Documents and Settings\Javeed\Start Menu\Programs\WhenU -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\Javeed\Start Menu\Programs\WhenU\Learn More About WhenU Save.url -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\Javeed\Start Menu\Programs\WhenU\Learn More About WhenU SaveNow.url -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\Javeed\Start Menu\Programs\WhenU\WhenU.com Website.url -> Adware.SaveNow : Cleaned with backup
C:\My Downloads\free pocket pc poker games.zip/Install Package/SetupCasino.exe -> Adware.Casino : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\dialere.exe -> Trojan.Dialer.on : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\dialere.exe -> Trojan.Dialer.on : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\dialere.exe -> Trojan.Dialer.on : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\dialere.exe -> Trojan.Dialer.on : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\dai.exe -> Trojan.Dialer.on : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\dialere.exe -> Trojan.Dialer.on : Cleaned with backup


::Report End


smitRem © log file
version 2.8

by noahdfear


Microsoft Windows XP [Version 5.1.2600]
The current date is: 16/04/2006
The current time is: 0:43:24.18

Running from
C:\Documents and Settings\Javeed\Desktop\smitRem

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run SharedTask Export

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!


checking for WinHound.com key


WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Install.dat


~~~ Favorites ~~~



~~~ system32 folder ~~~

logfiles


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 776 'explorer.exe'

Starting registry repairs

Registry repairs complete

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SharedTask Export after registry fix

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deleting files

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~


~~~ Wininet.dll ~~~

CLEAN!

Logfile of HijackThis v1.99.1
Scan saved at 01:02:41, on 16/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Javeed\My Documents\Unzipped\hijackthis[1]\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [] winlog.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [winsupdater] C:\Program Files\winsupdater\winsupdater.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Olympic] C:\Documents and Settings\Javeed\Application Data\sgrunt\IE4321.exe
O4 - HKLM\..\RunServices: [] winlog.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

i hope that this reads better now, coz i aint got a clue ....
thanks ....what next ??
Reply With Quote Quick reply to this message  
Join Date: Jul 2005
Posts: 1,542
Reputation: tayspen is on a distinguished road 
Solved Threads: 98
Team Colleague
tayspen's Avatar
tayspen tayspen is offline Offline
<Insert title here>

Re: Help Red Circle etc.. HJT file enc

 
0
  #4
Apr 15th, 2006
Hi, your log looks alot better, but there are a few things to fix. Run HJT, and check the following items.


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

O4 - HKLM\..\Run: [] winlog.exe

O4 - HKLM\..\Run: [winsupdater] C:\Program Files\winsupdater\winsupdater.exe /auto

O4 - HKLM\..\Run: [Olympic] C:\Documents and Settings\Javeed\Application Data\sgrunt\IE4321.exe

O4 - HKLM\..\RunServices: [] winlog.exe



Click Fix Checked
------------------------------------------------------
Then please go to Start>Control Panel>Add/Remove programs

Uninstall anything haveing to do with the following.

-winsupdater

-Win Updater
------------------------------------------------------

Then please boot into safe mode and and configure windows to show hidden files.. Once in safe mode, please delete the following files.

C:\Program Files\winsupdater\winsupdater.exe

C:\Windows\winlog.exe

C:\Windows\system32\winlog.exe

If you can't find any of the files just skip it and go onto the next...

-----------------------------------------------------

Then while your still in safe mode delete the following folder

C:\Program Files\winsupdater\
----------------------------------------------------

Empty Recycle Bin and then reboot normally.

Post a new log.
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes

Member - Alliance of Security Analysis Professionals - Since 2006
Reply With Quote Quick reply to this message  
Join Date: Apr 2006
Posts: 4
Reputation: Jav is an unknown quantity at this point 
Solved Threads: 0
Jav Jav is offline Offline
Unverified User

Re: Help Red Circle etc.. HJT file enc

 
0
  #5
Apr 16th, 2006
hi, i couldnt find anything under remove programs or anything under the following step... here is my new log....

Logfile of HijackThis v1.99.1
Scan saved at 10:09:51, on 16/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Javeed\My Documents\Unzipped\hijackthis[1]\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

cheers....
Reply With Quote Quick reply to this message  
Join Date: Jul 2005
Posts: 1,542
Reputation: tayspen is on a distinguished road 
Solved Threads: 98
Team Colleague
tayspen's Avatar
tayspen tayspen is offline Offline
<Insert title here>

Re: Help Red Circle etc.. HJT file enc

 
0
  #6
Apr 16th, 2006
Thats a clean log . Does everything seem to be back to normal?
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes

Member - Alliance of Security Analysis Professionals - Since 2006
Reply With Quote Quick reply to this message  
Join Date: Apr 2006
Posts: 4
Reputation: Jav is an unknown quantity at this point 
Solved Threads: 0
Jav Jav is offline Offline
Unverified User

Re: Help Red Circle etc.. HJT file enc

 
0
  #7
Apr 16th, 2006
yep it all seems fine, thank you so much. One last question, how do permanently remove item that open in my systems traay i.e programs that open on start up and are listed in the bottom right next to the time ?
Reply With Quote Quick reply to this message  
Join Date: Jan 2006
Posts: 1,605
Reputation: 'Stein is on a distinguished road 
Solved Threads: 104
Team Colleague
'Stein's Avatar
'Stein 'Stein is offline Offline
Lapsed Skeptic

Re: Help Red Circle etc.. HJT file enc

 
0
  #8
Apr 16th, 2006
Well, most of the time it depends on the program. Some programs (ie QuickTime) allow ya to manually prevent the icon from opening (its inside System preferences> advanced tab).

Other programs, however, open them on their own.

I'd reccomend going thru each individual program trying to find that option, cause most programs give that option to ya.

Thanks.
Now if ya like the help ya could always raise our reputation...
Reply With Quote Quick reply to this message  
Join Date: Jul 2005
Posts: 1,542
Reputation: tayspen is on a distinguished road 
Solved Threads: 98
Team Colleague
tayspen's Avatar
tayspen tayspen is offline Offline
<Insert title here>

Re: Help Red Circle etc.. HJT file enc

 
0
  #9
Apr 16th, 2006
Another way, would be just to disable some of the startup items that you don't need. This will also improve your startup time.

http://netsquirrel.com/msconfig/
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes

Member - Alliance of Security Analysis Professionals - Since 2006
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the Viruses, Spyware and other Nasties Forum
Thread Tools Search this Thread



adware anti-malware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit fake fancheckvirus gaming gtaiv gumblar halloween hijack hosting internet iphone kaspersky legal mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile parents patch phishing police policeprovirusmba-mblockedinternetaccess president pro problem redirect reliability report research risk rogueantivirus samhain sans school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista war windows worm yahoo zeroday
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC