Options
Best Offer malware
could someone please help me remove "Best offer" pop ups. Here is my log. Thanks.
Logfile of HijackThis v1.99.1
Scan saved at 8:14:32 AM, on 7/1/2006
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\srvany.exe
C:\WINNT\system32\srvany.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\Shared\dllhost.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\winnt\system32\Shared\lsass.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\tcpsvcs.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\xkblwr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINNT\System32\wuauclt.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.canada.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Rogers Yahoo!
F2 - REG:system.ini: Shell=Explorer.exe C:\WINNT\Nail.exe
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINNT\dsr.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: - {b2f09240-78ed-498a-951e-1b28f034741d} - C:\WINNT\System32\as.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sieeqqj] C:\WINNT\System32\xkblwr.exe r
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O12 - Plugin for .avi: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npavi32.dll
O12 - Plugin for .pdf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .wmv: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.epost.ca/printing/smsx.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.sharewareonline.com/adserver/Install.cab
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135184821064
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {94B6A838-7EA3-4C3C-B768-D260DDD685B6} - http://www.rogershelp.com/help/content/how/home_network/getfqdn.cab
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4759/mcfscan.cab
O21 - SSODL: UONDaHSTOk - {B8C3B608-1269-1CA2-08A7-6290A5F7DDD6} - C:\WINNT\System32\dzjbf.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: dllhost - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: DNS - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: nvscv - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: ptssvc - KODAK - C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
O23 - Service: scvhost - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINNT\svcproc.exe
O23 - Service: syslock - Unknown owner - C:\WINNT\system32\srvany.exe
Logfile of HijackThis v1.99.1
Scan saved at 8:14:32 AM, on 7/1/2006
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\srvany.exe
C:\WINNT\system32\srvany.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\Shared\dllhost.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\winnt\system32\Shared\lsass.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\tcpsvcs.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\xkblwr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINNT\System32\wuauclt.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.canada.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Rogers Yahoo!
F2 - REG:system.ini: Shell=Explorer.exe C:\WINNT\Nail.exe
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINNT\dsr.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: - {b2f09240-78ed-498a-951e-1b28f034741d} - C:\WINNT\System32\as.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sieeqqj] C:\WINNT\System32\xkblwr.exe r
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O12 - Plugin for .avi: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npavi32.dll
O12 - Plugin for .pdf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .wmv: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.epost.ca/printing/smsx.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.sharewareonline.com/adserver/Install.cab
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135184821064
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {94B6A838-7EA3-4C3C-B768-D260DDD685B6} - http://www.rogershelp.com/help/content/how/home_network/getfqdn.cab
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4759/mcfscan.cab
O21 - SSODL: UONDaHSTOk - {B8C3B608-1269-1CA2-08A7-6290A5F7DDD6} - C:\WINNT\System32\dzjbf.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: dllhost - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: DNS - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: nvscv - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: ptssvc - KODAK - C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
O23 - Service: scvhost - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINNT\svcproc.exe
O23 - Service: syslock - Unknown owner - C:\WINNT\system32\srvany.exe
0
Comments
You have two nasty infections, but hopefully, we can remove them easily.
BEFORE BEGINNING, Please read completely through the instructions below and download the files from the links provided. You may want to save or print out these instructions for easier reference.
Please download Ewido to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
- Install Ewido by double clicking the installer.
- Follow the prompts. Make sure that Launch Ewido is checked.
- On the main screen under Your Computer's security.
- Click on Change state next to Resident shield. It should now change to inactive.
- Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
- Wait until you see the Update succesfull message.
- Right-click the Ewido Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.Ewido manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that Ewido is closed before installing the update.
Next, download Lavasoft's Ad-Aware using the default options and then download VX2 Cleaner Plug-in taking all the defaults there as well.
Run Ad-Aware, update to the latest definitions, then click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK", then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.
Reboot your PC and run Ad-Aware again. This time, click on the Start button in Ad-Aware, select "Perform smart system scan" and click Next. Once the scan finishes, click "Next" again. Select all objects found (right click anywhere in the list of found objects and click "Select All Objects"). Click "Next" one more time, then "OK" to confirm the removal.
You will be prompted to set Ad-Aware to run on reboot, click "OK". Exit Ad-Aware and restart your PC once again.
When Ad-Aware starts up, click on "Start", then "Next". Follow the steps above if anything is found, or click "Finish", then exit Ad-Aware.
Close ALL open Windows / Programs / Folders. Please start Ewido and run a full scan.
Click on Recommended Action and choose Quarantine from the popup menu.
All checkboxes should be ticked.
All checkboxes should be ticked.
Select Automatically generate report after every scan and uncheck Only if threats were found.
Select Scan every file.
Please finish up by rebooting your system once more, and posting a new HijackThis log and the log from the Ewido scan.
Logfile of HijackThis v1.99.1
Scan saved at 9:55:53 AM, on 7/4/2006
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\srvany.exe
C:\WINNT\system32\srvany.exe
C:\WINNT\System32\svchost.exe
C:\winnt\system32\Shared\dllhost.exe
C:\winnt\system32\Shared\lsass.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\tcpsvcs.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINNT\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.canada.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Rogers Yahoo!
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: - {b2f09240-78ed-498a-951e-1b28f034741d} - C:\WINNT\System32\as.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O12 - Plugin for .avi: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npavi32.dll
O12 - Plugin for .pdf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .wmv: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.epost.ca/printing/smsx.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.sharewareonline.com/adserver/Install.cab
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135184821064
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {94B6A838-7EA3-4C3C-B768-D260DDD685B6} - http://www.rogershelp.com/help/content/how/home_network/getfqdn.cab
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} - http://advnt01.com/dialer/int_ver34.CAB
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4759/mcfscan.cab
O21 - SSODL: UONDaHSTOk - {B8C3B608-1269-1CA2-08A7-6290A5F7DDD6} - C:\WINNT\System32\dzjbf.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: dllhost - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: DNS - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: nvscv - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: ptssvc - KODAK - C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
O23 - Service: scvhost - Unknown owner - C:\WINNT\system32\srvany.exe
O23 - Service: syslock - Unknown owner - C:\WINNT\system32\srvany.exe
Please do the same for C:\WINNT\System32\dzjbf.dll
=====
Please go to this file:
C:\WINNT\system32\srvany.exe
Right-click on the file >> go to Properties >> then go to the Version tab and tell me what it says next to company OR if it is blank.
ewido anti-spyware - Scan Report
+ Created at: 9:33:25 AM 7/2/2006
+ Scan result:
C:\WINNT\dinst.exe -> Adware.BetterInternet : Cleaned with backup (quarantined).
C:\WINNT\rlqqpvljb.exe -> Adware.BetterInternet : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : Cleaned with backup (quarantined).
C:\WINNT\Downloaded Program Files\Install.dll -> Adware.SpywareStorm : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\LOCKREG.TXT -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\SCVREG.TXT -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\SYSREG.TXT -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\fire.TXT -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\fire.reg -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\scv.reg -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\sys.reg -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\winclock.bat -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\winclock.bat -> Backdoor.Digarix.a : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\temp -> Backdoor.SdBot.ry : Cleaned with backup (quarantined).
C:\WINNT\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\clearlogs.exe -> Not-A-Virus.HackTool.Win32.Clearlog : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\xscan.exe -> Not-A-Virus.NetTool.Win32.XScan.13 : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Local Settings\Temp\temp.fr21D6 -> Proxy.Agent.df : Cleaned with backup (quarantined).
:mozilla.175:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.13:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.14:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.15:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.16:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.17:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.18:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.19:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.27:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.28:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.32:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@amazonsearsca.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@epost.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@homedepotca.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@2o7[3].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@2o7[4].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@2o7[5].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@cnetaustralia.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@2o7[3].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@abetterinternet[2].txt -> TrackingCookie.Abetterinternet : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@abetterinternet[3].txt -> TrackingCookie.Abetterinternet : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@abetterinternet[7].txt -> TrackingCookie.Abetterinternet : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@abetterinternet[9].txt -> TrackingCookie.Abetterinternet : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@abetterinternet[1].txt -> TrackingCookie.Abetterinternet : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@abetterinternet[2].txt -> TrackingCookie.Abetterinternet : Cleaned with backup (quarantined).
:mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Ad-logics : Cleaned with backup (quarantined).
:mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Ad-logics : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
:mozilla.232:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.233:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.234:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.56:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.50:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@bestoffersnetworks[1].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@shop.bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@bestoffersnetworks[3].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@bestoffersnetworks[4].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@shop.bestoffersnetworks[1].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup (quarantined).
:mozilla.115:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
:mozilla.179:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
:mozilla.230:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.59:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.60:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@casalemedia[4].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.256:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
:mozilla.118:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@cliks[1].txt -> TrackingCookie.Cliks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@cliks[3].txt -> TrackingCookie.Cliks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@cliks[5].txt -> TrackingCookie.Cliks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@cliks[8].txt -> TrackingCookie.Cliks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@cliks[9].txt -> TrackingCookie.Cliks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@cliks[1].txt -> TrackingCookie.Cliks : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@cliks[3].txt -> TrackingCookie.Cliks : Cleaned with backup (quarantined).
:mozilla.218:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.219:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@techrepublic.com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.160:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.164:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.165:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.8:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup (quarantined).
:mozilla.238:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.266:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@e-2dj6wfkogoczscq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@e-2dj6wjk4glajwfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@e-2dj6wjkyuhazagq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@e-2dj6wjl4ehd5ebq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@e-2dj6wjliogazeao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@e-2dj6wjmyqhcjieq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
:mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
:mozilla.130:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
:mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@webpdp.gator[1].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Cleaned with backup (quarantined).
:mozilla.119:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.147:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.148:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.149:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.152:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.240:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.247:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@ehg-tigerdirect2.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@ehg-accenture.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.167:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.168:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.169:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.170:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.190:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.191:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.192:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@server.iad.liveperson[3].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.61:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@master.mx-targeting[1].txt -> TrackingCookie.Mx-targeting : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
:mozilla.117:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.118:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.176:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.177:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.208:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.57:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.62:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.63:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.64:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@ads.pointroll[4].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@ads.pointroll[5].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@ads.pointroll[3].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.142:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.143:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.144:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.173:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.56:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.100:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.101:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.102:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.103:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.98:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.99:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.114:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.115:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.193:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
:mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
:mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.99:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@www.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.64:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.199:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.200:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.201:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.202:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.203:C:\Documents and Settings\seetha\Application Data\Mozilla\Profiles\schocka2\asdt1sxf.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.194:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\schocka2\bkqoakvz.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@c7.zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Cookies\seetha@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\seetha\Local Settings\Temp\Cookies\seetha@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\FOUND.027\FILE0002.CHK -> Trojan.Agent.ay : Cleaned with backup (quarantined).
C:\WINNT\system32\dhcp\files\copy\undo.bat -> Trojan.KillAV.an : Cleaned with backup (quarantined).
C:\WINNT\system32\undo.bat -> Trojan.KillAV.an : Cleaned with backup (quarantined).
::Report end
File: srvany.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 c9b18abe9063a33e77f6be81cc8df0c5
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found Program.SrvAny
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Please scan this file with Jotti and post the results.
Please let me know about this.
=====
Please do the following:
Please print out or copy this page to Notepad . Make sure to work through the steps in the exact order in which they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fix.
O2 - BHO: - {b2f09240-78ed-498a-951e-1b28f034741d} - C:\WINNT\System32\as.dll (file missing)