Options
Need help with an "undeletable" virus
Hi,
I have a virus that was found by Norton Antivirus and it said that the virus could not be deleted. It's listed as:
C:\WINDOWS\SYSTEM32\KBDENU.DDL
I downloaded hijackthis and found the file, checked it to be "fixed," rebooted and ran hijackthis again, and the file was still there. I did this both in regular and in safemode. Any thoughts?
Here is the log from hijack this.
Thanks,
Kelly
Logfile of HijackThis v1.99.1
Scan saved at 6:44:30 PM, on 8/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Common Files\AOL\1142478882\ee\AOLSoftware.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
c:\program files\common files\aol\1142478882\ee\aim6.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\METAMA~1\METAMA~1\METAMA~1.EXE
C:\PROGRA~1\METAMA~1\METAMA~1\METAMA~2.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Kelly\LOCALS~1\Temp\Temporary Directory 4 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: MCIEPlugIn Class - {C09C9904-FD44-11D6-A711-00105AC8F168} - C:\PROGRA~1\METAMA~1\METAMA~1\IEPlugIn.dll
O2 - BHO: (no name) - {f2000717-0438-4430-a4de-c748a1ce1ac8} - C:\WINDOWS\system32\kbdenu.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142478882\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://mpsgroup.webex.com/client/v_mywebex-t20sp24/webex/ieatgpc.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: kbdenu - C:\WINDOWS\SYSTEM32\kbdenu.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsu****a Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
I have a virus that was found by Norton Antivirus and it said that the virus could not be deleted. It's listed as:
C:\WINDOWS\SYSTEM32\KBDENU.DDL
I downloaded hijackthis and found the file, checked it to be "fixed," rebooted and ran hijackthis again, and the file was still there. I did this both in regular and in safemode. Any thoughts?
Here is the log from hijack this.
Thanks,
Kelly
Logfile of HijackThis v1.99.1
Scan saved at 6:44:30 PM, on 8/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Common Files\AOL\1142478882\ee\AOLSoftware.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
c:\program files\common files\aol\1142478882\ee\aim6.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\METAMA~1\METAMA~1\METAMA~1.EXE
C:\PROGRA~1\METAMA~1\METAMA~1\METAMA~2.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Kelly\LOCALS~1\Temp\Temporary Directory 4 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: MCIEPlugIn Class - {C09C9904-FD44-11D6-A711-00105AC8F168} - C:\PROGRA~1\METAMA~1\METAMA~1\IEPlugIn.dll
O2 - BHO: (no name) - {f2000717-0438-4430-a4de-c748a1ce1ac8} - C:\WINDOWS\system32\kbdenu.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142478882\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://mpsgroup.webex.com/client/v_mywebex-t20sp24/webex/ieatgpc.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: kbdenu - C:\WINDOWS\SYSTEM32\kbdenu.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsu****a Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
0
Comments
Here's what came up, on an otherwise blank screen:
"The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file"
Okay, it's in its own folder.
This is a 30 day trial of the program
- Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
- Once the setup is complete you will need run ewido and update the definition files.
- On the main screen select the icon "Update" then select the "Update now" link.
- Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
- Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
- Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
- Under "Reports"
- Select "Automatically generate report after every scan"
- Un-Select "Only if threats were found"
Close ewido anti-spyware, Do Not run a scan just yet, we will shortly.IMPORTANT: Do not open any other windows or programs while ewido is scanning, it may interfere with the scanning proccess:
Once the scan is complete do the following:
(I'm posting from my desktop now, not my laptop where the virus is, so as not to interrupt the scan)
ewido anti-spyware - Scan Report
+ Created at: 8:24:53 PM 8/17/2006
+ Scan result:
C:\Program Files\Common Files\Sandlot Shared\slghex.dll -> Adware.SpywareStorm : Cleaned with backup (quarantined).
C:\Downloads\CakeManiaSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\Downloads\ScrabbleSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\ieatgpc.dll -> Adware.WebEx : Cleaned with backup (quarantined).
C:\WINDOWS\system32\kbdenu.dll -> Downloader.ConHook.aa : Cleaned with backup (quarantined).
[224] C:\WINDOWS\system32\kbdenu.dll -> Downloader.ConHook.aa : Cleaned with backup (quarantined).
[784] C:\WINDOWS\system32\kbdenu.dll -> Downloader.ConHook.aa : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ddccbya.dll -> Downloader.ConHook.ab : Cleaned with backup (quarantined).
:mozilla.106:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.117:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.136:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.276:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.306:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.345:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.355:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.371:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.402:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.419:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.458:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.472:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.506:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.512:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.529:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.567:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.673:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.676:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.677:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.820:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.975:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.982:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@highbeam.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@nbcuniversal.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@newlinecinema.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@tgn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@highbeam.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.969:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
:mozilla.355:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.535:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.358:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.585:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.363:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.364:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.365:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.928:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.931:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.932:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.933:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.891:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
:mozilla.892:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
:mozilla.140:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
:mozilla.733:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
:mozilla.907:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
:mozilla.135:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.874:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.89:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.908:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.957:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.958:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.959:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.134:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
:mozilla.139:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.806:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.772:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).
:mozilla.774:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).
:mozilla.775:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).
:mozilla.56:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.749:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.750:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.753:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.779:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.491:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
:mozilla.492:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
:mozilla.493:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.588:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
:mozilla.798:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
:mozilla.388:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.400:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.468:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.480:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.765:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.799:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@data4.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.368:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.373:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.509:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.510:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.421:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.422:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.423:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.424:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.430:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.435:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.439:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.441:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.442:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.586:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.587:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.588:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.589:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.590:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.591:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.592:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.593:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.594:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.595:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.900:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.901:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.902:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.903:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.904:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.905:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.906:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.553:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.554:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.555:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.556:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.88:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.905:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.913:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.934:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.935:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.938:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.579:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.580:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.255:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.292:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.294:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.618:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.619:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.620:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.889:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.900:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.926:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned with backup (quarantined).
:mozilla.650:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.651:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.654:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.751:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.989:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.990:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Local Settings\Temp\Cookies\kelly@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.107:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.109:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\u18bd0l9.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.884:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.885:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.886:C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\uc7gv3m4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\Kelly\Cookies\kelly@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
::Report end
You will need to allow an active x install for the scan to run.
Leave the scanning options at default and press "click here to scan"
When finished scanning, click on "click here to export the scan report"
Save it to your desktop, at "file name" type in "bdscan" then click save.
Please attach the bdscan.html file to your next post along with a new hijackthis log.
Here's the new hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 10:03:36 PM, on 8/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AOL\1142478882\ee\AOLSoftware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
c:\program files\common files\aol\1142478882\ee\aim6.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\METAMA~1\METAMA~1\METAMA~1.EXE
C:\PROGRA~1\METAMA~1\METAMA~1\METAMA~2.EXE
C:\Documents and Settings\Kelly\Desktop\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: MCIEPlugIn Class - {C09C9904-FD44-11D6-A711-00105AC8F168} - C:\PROGRA~1\METAMA~1\METAMA~1\IEPlugIn.dll
O2 - BHO: (no name) - {f2000717-0438-4430-a4de-c748a1ce1ac8} - C:\WINDOWS\system32\kbdenu.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142478882\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://mpsgroup.webex.com/client/v_mywebex-t20sp24/webex/ieatgpc.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: kbdenu - kbdenu.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsu****a Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
I'm taking off for the weekend, but I'll check back in when I get back. In the meantime, my computer is moving MUCH faster, so thank you