0

Seems Daniweb helps a lot of folks out and I would be forever grateful if someone could help me solve this problem. I never actually use IE, just Firefox, but for the past couple of months I have been dealing with occasional popups and at least two copies of IEXPLORE.EXE running in processes all the time. Close one and another pops right back up.

Anyhow, here is my hijackthis log. I hope someone can help. Thanks!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:58:30 AM, on 9/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Belkin\PCI F5D700F\Wireless Utility\Belkinwcui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\Installers\435a6af7459cb02a9c1138113a26e93\Setup.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mr. Demo\Desktop\HiJackThis_v2.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [axis web cake second] C:\Documents and Settings\All Users\Application Data\Book Slow Axis Web\USER PURE.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MediaProxy] C:\DOCUME~1\MR7D46~1.DEM\APPLIC~1\MAPIMA~1\INTERNET ARMY MFCD.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Belkin Wireless G Desktop Card Client Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 6018 bytes

6
Contributors
10
Replies
12
Views
9 Years
Discussion Span
Last Post by jholland1964
0

I can't see anything in the HJT log - but it seems from your report that the browser has been hijacked. You can make a rudimentary heck by seeing wether the default web site is the same as in FireFox; if not and if it is one of these undesired locations, then you've been hijacked.

The afflicting scourge will likely have been by way of registry modification that forces the condition at start up. You can try fiddling in the Registry but ....

Better to get some decent anti-spyware (which you haven't mentioned) like Ad-Aware or SpyBot or AVG.

Let us know.

0

I have run Adaware several times and it hasn't done the trick. The processes are always running, but there aren't always windows open. They seem to pop up more often while I'm surfing in Firefox, particularly when I'm not actually navigating, often when I'm just typing in forums, like it just did now while I was typing this.

Frankly I could keep ignoring it, but I went to install Dreamweaver this morning and it won't install until I close the browser, which obviously I cannot do.

I'll try to run Adaware in safe mode later on to see if that does the trick.

0

Then maybe you do need do delve into your Registry and see what's running at startup.

I posted a fix for Vundo (which I haven't seen in your HJT log on 24-Aug. Take a look at this. The discipline for finding what DLLs, INIs, SYS files and so on could well help you to solve this. The fix I posted didn't rely on any registry work other than to clean up later.

But check your Registry first under RUN and Startup.

0

Hmmm, that rather looks like a Lop infection there - it's pretty pesky adware. These two entries point it out:

O4 - HKLM\..\Run: [axis web cake second] C:\Documents and Settings\All Users\Application Data\Book Slow Axis Web\USER PURE.exe
O4 - HKCU\..\Run: [MediaProxy] C:\DOCUME~1\MR7D46~1.DEM\APPLIC~1\MAPIMA~1\INTERNET ARMY MFCD.exe

Best to use the proper tool, and then follow up with a clean and general adware/spyware scan.
==Download NoLop from the link on this page; follow the instructions given. Post the report C:\NoLop.log.
http://www.thespykiller.co.uk/index.php?action=tpmod;dl=item16
==Get CCleaner from http://www.ccleaner.com/ - and put it in a new folder. You should aim to keep this one for general use. I set the installation checkboxes only to open from the recycle bin. It's neater that way.
Now run CCleaner from the recycle bin rclick menu using its default settings [if you set up CCleaner as i suggested, rclicking the bin icon should give you the Open CCleaner option...]. Select the Cleaner icon, press Run Cleaner.
[For future quick temp file cleaning select the options you wish to use via the Windows and Applications tabs ..]
==GET AVG antispyware 7.5 here.. http://free.grisoft.com/doc/5390/lng/us/tpl/v5
or here.. http://free.grisoft.com/freeweb.php/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free
-Install it and UPDATE it.
Start AVG a-s 7.5;
-under Scanner/ Settings please change the default action from Recommended Actions to QUARANTINE, and run the complete system scan.
-press Apply all Actions and Save the log file. Post the log file.
That lot should do it. Don't try to just fix those two entries above manually.

0

Here is the nolop log.


NoLop! Log by Skate_Punk_21

Fix running from: C:\Program Files\Mozilla Firefox
[9/24/2007]
[10:51:55 AM]

---Infection Files Found/Removed---
C:\WINDOWS\tasks\B4A00DC2820B8C3A.job

Beginning Removal...
Rebooting...

Beginning Removal...
Rebooting...

Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**

---Listing AppData sub directories---

C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Adobe Systems
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Book Slow Axis Web
C:\Documents and Settings\All Users\Application Data\Installshield
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Microsoft Help
C:\Documents and Settings\All Users\Application Data\Nero
C:\Documents and Settings\All Users\Application Data\Pure Networks
C:\Documents and Settings\All Users\Application Data\That Amen Second Book -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Trans Cake Up Flap
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\Winzip -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Yahoo!
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Mr. Demo\Application Data\Adobe
C:\Documents and Settings\Mr. Demo\Application Data\Ahead
C:\Documents and Settings\Mr. Demo\Application Data\Animo
C:\Documents and Settings\Mr. Demo\Application Data\Apple Computer
C:\Documents and Settings\Mr. Demo\Application Data\Azureus
C:\Documents and Settings\Mr. Demo\Application Data\Divx
C:\Documents and Settings\Mr. Demo\Application Data\Dvdcss
C:\Documents and Settings\Mr. Demo\Application Data\Identities
C:\Documents and Settings\Mr. Demo\Application Data\Lavasoft
C:\Documents and Settings\Mr. Demo\Application Data\Macromedia
C:\Documents and Settings\Mr. Demo\Application Data\Mapimaildart
C:\Documents and Settings\Mr. Demo\Application Data\Media Player Classic
C:\Documents and Settings\Mr. Demo\Application Data\Microsoft
C:\Documents and Settings\Mr. Demo\Application Data\Mozilla
C:\Documents and Settings\Mr. Demo\Application Data\Real
C:\Documents and Settings\Mr. Demo\Application Data\Sun
C:\Documents and Settings\Mr. Demo\Application Data\Thumbsplus -- EMPTY Directory
C:\Documents and Settings\Mr. Demo\Application Data\Vlc
C:\Documents and Settings\Networkservice\Application Data\Microsoft

And the AVG file


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:43:19 AM 9/24/2007

+ Scan result:

:mozilla.387:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.100:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.425:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.610:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.62:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.63:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.64:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.65:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.66:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.67:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.687:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.68:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.69:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.70:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.71:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.72:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.73:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.74:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.75:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.76:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.77:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.78:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.799:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.79:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.80:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.81:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.82:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.83:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.84:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.85:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.86:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.87:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.88:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.89:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.90:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.95:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.96:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.97:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.98:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.99:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.458:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.459:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.460:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.198:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.199:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.334:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.338:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.339:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.340:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.341:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.342:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.343:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.344:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.345:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.346:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.306:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.307:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.308:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.309:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.310:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.7:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.607:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.644:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.647:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.649:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.113:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.114:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.115:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.116:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.117:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.119:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.121:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.122:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.123:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.124:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.125:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.126:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.823:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.824:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.188:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.427:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.428:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.429:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.118:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.120:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.502:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.509:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.629:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.462:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.463:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.464:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.465:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.467:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.468:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.469:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.423:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.535:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.538:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.728:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.758:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.761:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.375:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.378:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.379:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.380:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.482:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.525:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.560:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.561:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.562:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.563:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.626:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.670:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.673:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.442:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.443:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.784:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Information : Cleaned.
:mozilla.628:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Intelli-direct : Cleaned.
:mozilla.580:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.293:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.294:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.213:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.832:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.834:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.586:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.215:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.395:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.396:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.397:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.398:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.399:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.400:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.401:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.402:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.403:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.605:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.606:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.782:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.783:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.150:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.151:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.152:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.153:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.154:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.155:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.156:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.157:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.158:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.159:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.160:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.161:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.162:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.163:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.164:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.165:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.166:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.167:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.168:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.169:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.170:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.171:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.37:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.38:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.39:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.40:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.41:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.42:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.352:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.353:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.354:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.355:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.356:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.357:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.358:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.359:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.360:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.361:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.362:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.363:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.643:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.645:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.646:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.648:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.202:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.688:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.453:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.674:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.696:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.697:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.267:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.268:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.269:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.270:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.271:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.272:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.273:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.274:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.275:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.276:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.172:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.183:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.184:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.185:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.186:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.187:C:\Documents and Settings\Mr. Demo\Application Data\Mozilla\Firefox\Profiles\fkilruaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\All Users\Application Data\Trans Cake Up Flap\Plan Help.exe -> Trojan.Obfuscated.en : Cleaned with backup (quarantined).
C:\Documents and Settings\Mr. Demo\Application Data\mapimaildart\deqfawec.exe -> Trojan.Obfuscated.en : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B7CDFF46-974E-4A52-8F10-62341E9042F5}\RP157\A0022469.exe -> Trojan.Obfuscated.en : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B7CDFF46-974E-4A52-8F10-62341E9042F5}\RP182\A0025459.exe -> Trojan.Obfuscated.en : Cleaned with backup (quarantined).


::Report end

0

Could you post a fresh hijackthis log also, please, with your comments?
Oh, and in CCLeaner, if you are going to keep it, and may I suggest that you do... go Cleaner button, Apps tab, under FF pls check Cookies at least.. other choices are up to you...

These are the relevant entries in that AVG listing:
C:\Documents and Settings\All Users\Application Data\Trans Cake Up Flap\Plan Help.exe -> Trojan.Obfuscated.en : Cleaned with backup (quarantined).
C:\Documents and Settings\Mr. Demo\Application Data\mapimaildart\deqfawec.exe -> Trojan.Obfuscated.en : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B7CDFF46-974E-4A52-8F10-62341E9042F5}\RP157\A0022469.exe -> Trojan.Obfuscated.en : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B7CDFF46-974E-4A52-8F10-62341E9042F5}\RP182\A0025459.exe -> Trojan.Obfuscated.en : Cleaned with backup (quarantined).

IN AVG AS empty the quarantine bin.
System Restore Points Clearance:
==You SHOULD clear all your system restore points because some have been infected.... AVG may have cleaned them, but we cannot be sure it found everything. So go control panel > system > system restore tab, check Turn off sys res on all drives, Apply and OK. Do it all again but uncheck that box, Apply and OK.
[[a quick way in is Start > run, paste: control sysdm.cpl,,4 -and OK]]
Now make a fresh, clean restore point: Start > programs > accessories > system tools > system restore and create a restore point now!!

0

Hmmm, that rather looks like a Lop infection there - it's pretty pesky adware. These two entries point it out:

O4 - HKLM\..\Run: [axis web cake second] C:\Documents and Settings\All Users\Application Data\Book Slow Axis Web\USER PURE.exe
O4 - HKCU\..\Run: [MediaProxy] C:\DOCUME~1\MR7D46~1.DEM\APPLIC~1\MAPIMA~1\INTERNET ARMY MFCD.exe

Best to use the proper tool, and then follow up with a clean and general adware/spyware scan.
==Download NoLop from the link on this page; follow the instructions given. Post the report C:\NoLop.log.
http://www.thespykiller.co.uk/index.php?action=tpmod;dl=item16
==Get CCleaner from http://www.ccleaner.com/ - and put it in a new folder. You should aim to keep this one for general use. I set the installation checkboxes only to open from the recycle bin. It's neater that way.
Now run CCleaner from the recycle bin rclick menu using its default settings [if you set up CCleaner as i suggested, rclicking the bin icon should give you the Open CCleaner option...]. Select the Cleaner icon, press Run Cleaner.
[For future quick temp file cleaning select the options you wish to use via the Windows and Applications tabs ..]
==GET AVG antispyware 7.5 here.. http://free.grisoft.com/doc/5390/lng/us/tpl/v5
or here.. http://free.grisoft.com/freeweb.php/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free
-Install it and UPDATE it.
Start AVG a-s 7.5;
-under Scanner/ Settings please change the default action from Recommended Actions to QUARANTINE, and run the complete system scan.
-press Apply all Actions and Save the log file. Post the log file.
That lot should do it. Don't try to just fix those two entries above manually.

This is a first time on the forum. Hopefully you'll be able to help...I believe I have the same problem. I downloaded HijackThis v1.99.1 and this is the report it gave me. Maybe you could give me a hand also! :)

0

Logfile of HijackThis v1.99.1
Scan saved at 5:12:44 AM, on 10/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\WIN40\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\WIN40\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\CDProxyServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Steve\Desktop\HijackThis_199.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netflix.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {A9D68F80-DA57-4096-B412-5FB8B0AF0758} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\5.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\5.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL
O2 - BHO: 215651 helper - {0BC5E8C9-6EFF-4976-9A3C-D74148442CE7} - C:\WINDOWS\system32\215651\215651.dll (file missing)
O2 - BHO: - {15DD8797-E994-4D8F-BCDE-6B3E3BE4C3B1} - blank (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: gootbl2 - {435adc46-dcab-4593-92c8-25d2befceab7} - C:\WINDOWS\system32\mipinu.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - C:\Program Files\NetProject\sbmdl.dll (file missing)
O2 - BHO: (no name) - {A78860C8-EE1A-46DF-A97F-E3E6D433E80B} - blank (file missing)
O3 - Toolbar: mSpace Toolbar - {ED46E61C-C391-49ED-82F8-A3DCAA44671F} - blank (file missing)
O3 - Toolbar: Internet Service - {51D81DD5-55B7-497F-95DB-D356429BB54E} - C:\Program Files\NetProject\wamdl.dll (file missing)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\5.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [vrsden] C:\WINDOWS\system32\vrsden.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [saie] c:\windows\system32\saie.exe
O4 - HKLM\..\Run: [Rxagik] C:\WINDOWS\Meruoq.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Piolet] C:\Program Files\Piolet\Piolet.exe SILENT
O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\vision~1\paperp~1\pptd40nt.exe
O4 - HKLM\..\Run: [OneTouch Monitor] C:\PROGRA~1\VISION~2\ONETOU~2.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [d50c20abe774] C:\WINDOWS\System32\cnvfat50.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [03dbc308a012] C:\WINDOWS\System32\cnvfat56.exe
O4 - HKLM\..\Run: [03491418.exe] C:\WINDOWS\system32\03491418.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKLM\..\Run: [lphc13kj0e351] C:\WINDOWS\system32\lphc13kj0e351.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Thaa] "C:\WINDOWS\CROSOF~1.NET\dllhost.exe" -vt ndrv
O4 - HKCU\..\Run: [RegPowerClean] "C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe"
O4 - HKCU\..\Run: [prqtect] C:\WINDOWS\System32\prqtect.exe
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\VISION~1\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Ityhd] C:\PROGRA~1\COMMON~1\DOBE~1\wowexec.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [33350ae8.exe] C:\Documents and Settings\Steve\Local Settings\Application Data\33350ae8.exe
O4 - HKCU\..\Run: [user16] C:\WINDOWS\system32\winhlp.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ieservicegate.com/redirect.php (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: mSpace Toolbar - {ED46E61C-C391-49ED-82F8-A3DCAA44671F} - blank (file missing)
O9 - Extra 'Tools' menuitem: mSpace Toolbar - {ED46E61C-C391-49ED-82F8-A3DCAA44671F} - blank (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by103fd.bay103.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: nslookup.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winwim32 - winwim32.dll (file missing)
O20 - Winlogon Notify: xdhamcog - C:\WINDOWS\SYSTEM32\xdhamcog32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - Unknown owner - C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICF (icf) - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\WIN40\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: OneStep Search Service - Unknown owner - C:\Program Files\OneStepSearch\onestep.exe" "C:\Program Files\OneStepSearch\onestep.dll" Service (file missing)

0

New member here.. I've had this issue with iexplore.exe starting on it's own even after I end the process. I recently had a problem with something called antimalware doctor. Called microsoft and they did some things to remove that problem, but ever since I've had pop-ups and other problems that never existed prior. Here's a log from hijack this. Any suggestions?

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Coloreal\coloreal.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\Verizon\McciTrayApp .exe
C:\Program Files\McAfee.com\Agent\mcagent .exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd .exe
C:\windows\system\hpsysdrv .exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon .exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD .exe
C:\Program Files\Windows Defender\MSASCui .exe
C:\Program Files\Microsoft IntelliPoint\ipoint .exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fptb-wave
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
O1 - Hosts: ::1 localhost
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Wireless Optical Rechargeable Mouse\moffice.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [skb] rundll32 "qmqrauby.dll",,Run
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\RunOnce: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\Launcher.exe delay
O4 - HKCU\..\RunOnce: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: scandisk.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://secure.gestrip.com (HKLM)
O15 - Trusted Zone: http://update.randhi.com (HKLM)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/DSL/Verizon%20High%20Speed%20Internet%20Installer.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2C15848B-21C0-406A-9902-56C8D90684F3} (alaWeb.clsGetStats) - file://C:\WIN2000\CONTENT\cabs\alaWeb.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {33331111-1111-1111-1111-611111193423} - http://www.www2.p0rt2.com/files/777.cab
O16 - DPF: {33331111-1111-1111-1111-611111193429} - http://www.www2.p0rt2.com/files/_ipsec_.cab
O16 - DPF: {33331111-1111-1111-1111-615111193427} -
O16 - DPF: {33331111-1131-1111-1111-611111193428} -
O16 - DPF: {33331111-1234-1111-1111-615111193427} - http://www.www2.p0rt2.com/files/epl95bd.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {43331111-1111-1111-1111-611111195622} - http://www.www2.p0rt2.com/files/MirarSetup-875498.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/033415bb5e93195dfd19/netzip/RdxIE2.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1144243546562
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {999D162F-1319-48F0-A7DB-886C582EE2C6} (alaWeb.clsGetStats) - file://C:\WIN2000\CONTENT\cabs\alaWeb.CAB
O16 - DPF: {A7DB6550-3269-11D4-8C30-0001023CA9DC} (Vault Files Downloader) - http://vault.alamode.com/cab/vfd.cab
O16 - DPF: {AED6797A-D608-11D4-89D2-00105AA3C57F} (alaGrid.TechDocSearch) - file://C:\WIN2000\CONTENT\cabs\alaGrid.CAB
O16 - DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} (CPlayFirstPetShopHopControl Object) -
O16 - DPF: {C118AE9E-3A30-4B96-9C1C-295AA4A1262A} - http://vault.alamode.com/cab/vaultinstall.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) -
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/html - {be2747a7-954c-4a48-b237-46db9e24793c} - (no file)
O20 - Winlogon Notify: __c0043BFA - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: har98fefiesjfs93s8i9sejsdf - {C7BA40A1-74F2-52BD-F411-04B15A2C8953} - (no file)
O23 - Service: McAfee Application Installer Cleanup (0210601271470323) (0210601271470323mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\021060~1.EXE (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 13030 bytes

0

mikep7394;1241536]New member here..
mike, this thread is three years old. You won't get any help in this one, you need to begin your OWN thread. We need you to follow the instructions in our Read Me Sticky and start your OWN thread and post the logs in it.
The HJT log you posted is incomplete anyway, it doesn't contain the very top portion of the log giving the version number, date run, your computer info so we couldn't use it anyway.
Go to the Read Me sticky and then create your own thread.
http://www.daniweb.com/forums/thread134865.html

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.