PC being retarded

Over the last 2 weeks or so, my computer has been acting pretty funny. It will work fine for about 10 minutes. Then, no media apps will open. iTunes, WMP, ATI, nothing. If it's already open then it's fine. But after that ten minute frame, it won't. Before this, Firefox wouldn't go to certain sites. That stopped and this started. Help please.

Comments

  • IndigoRed Perth Western Australia Icrontian
    edited March 2007
    Hey CoreyG87,
    Read and follow this and someone will help you out.

    http://www.short-media.com/forum/showthread.php?t=43902
  • edited March 2007
    Logfile of HijackThis v1.99.1
    Scan saved at 8:47:12 AM, on 3/23/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINDOWS\system32\LXSUPMON.EXE
    C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.uchase.com/directory.php?a=1006
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O1 - Hosts: 80.69.74.15 auto.search.msn.com
    O2 - BHO: NavErrRedir Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
    O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Essentials Manager\V CAST Music Monitor.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
    O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/support/ocis/OSInfo.cab
    O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1015_EN_XP.cab
    O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/support/ocis/SiSAutodetectNT.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installdrivecleanerstart.cab
    O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akamaitools.com.edgesuite.net/dlmanager/live/code/DownloadManager.ocx
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/235e55b44455677ee503/netzip/RdxIE601.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1171617539357
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.com/client/isetup.cab
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
    O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_EN_XP.cab
    O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} - http://download.redswoosh.net/Installer/104/rsinstaller.cab
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    I did everything but the IE required scans. If I need to do those too, just let me know...
  • edited March 2007
    Hello CoreyG87

    First download AVG Anti-Spyware from HERE and save that file to your desktop.
    This is a 30 day trial of the program
    1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
    2. Once the setup is complete you will need to run AVG Anti-Spyware and update the definition files.
    3. On the main screen select the icon "Update" then select the "Update now" link.
      • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
    4. Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
    5. Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
    6. Under "Reports"
      • Select "Automatically generate report after every scan"
      • Un-Select "Only if threats were found"
    Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.
    1. Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
      IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning process:
    2. Launch AVG Anti-Spyware by double-clicking the icon on your desktop.
    3. Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
    4. AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
      Once the scan is complete do the following:
    5. If you have any infections you will be prompted, then select "Apply all actions"
    6. Next select the "Reports" icon at the top.
    7. Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
    8. Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.
  • edited March 2007
    It is telling me I can't post links, how can I fix this?
  • edited March 2007
    CoreyG87 wrote:
    It is telling me I can't post links, how can I fix this?


    You don't need to post a link, post back a fresh HJT log and post the report from AVG anti Virus scan same way you posted your previous HJT log
  • edited May 2007
    Logfile of HijackThis v1.99.1
    Scan saved at 2:42:12 PM, on 5/9/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINDOWS\system32\LXSUPMON.EXE
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Gaim\gaim.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.uchase.com/directory.php?a=1006
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O1 - Hosts: 80.69.74.15 auto.search.msn.com
    O2 - BHO: NavErrRedir Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
    O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\SpyHunter\SpyHunter.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Essentials Manager\V CAST Music Monitor.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
    O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/support/ocis/OSInfo.cab
    O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1015_EN_XP.cab
    O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/support/ocis/SiSAutodetectNT.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installdrivecleanerstart.cab
    O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akamaitools.com.edgesuite.net/dlmanager/live/code/DownloadManager.ocx
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/235e55b44455677ee503/netzip/RdxIE601.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1171617539357
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.com/client/isetup.cab
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
    O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_EN_XP.cab
    O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} - http://download.redswoosh.net/Installer/104/rsinstaller.cab
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • edited May 2007

    AVG Anti-Spyware - Scan Report

    + Created at: 12:13:16 AM 3/28/2007

    + Scan result:



    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Local Settings\Temporary Internet Files\Content.IE5\W5IF0TYN\Setup[1].exe -> Adware.180Solutions : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028821.exe -> Adware.180Solutions : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028830.exe -> Adware.180Solutions : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028831.dll -> Adware.180Solutions : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028838.exe -> Adware.180Solutions : No action taken.
    C:\Program Files\TBONAS\TBONcomp.dll -> Adware.ActivShopper : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028828.dll -> Adware.ActivShopper : No action taken.
    HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : No action taken.
    HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : No action taken.
    C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028748.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028750.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028751.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028752.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028753.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028832.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028851.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028852.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028853.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028854.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028856.vxd -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028859.srg -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/bbchk.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/exdl.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/exul.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/javexulm.vxd -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/mqexdlm.srg -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/msbe.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/mscb.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/nvms.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028905.ax/C:/Program Files/CashBack/bin/cashback.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028905.ax/C:/Program Files/CashBack/bin/cb.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028905.ax/C:/Program Files/CashBack/bin/flash.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028906.vxd/C:/Program Files/NaviSearch/bin/nls.exe -> Adware.BargainBuddy : No action taken.
    C:\WINDOWS\system32\SHAgentNew.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028833.exe -> Adware.BetterInternet : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028840.exe -> Adware.BetterInternet : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028857.exe -> Adware.BetterInternet : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028861.exe -> Adware.BetterInternet : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028866.exe -> Adware.BetterInternet : No action taken.
    C:\WINDOWS\zcadvhb.exe -> Adware.BetterInternet : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028841.exe -> Adware.BiSpy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028842.exe -> Adware.BiSpy : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028814.exe -> Adware.Clipgenie : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028904.dll -> Adware.DotCom : No action taken.
    C:\Program Files\MediaLoads\v1\ML.exe -> Adware.DownloadWare : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028827.exe -> Adware.DownloadWare : No action taken.
    HKU\S-1-5-21-776561741-1993962763-1708537768-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00F1D395-4744-40F0-A611-980F61AE2C59} -> Adware.DrSearch : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028817.exe -> Adware.EZula : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028816.exe -> Adware.F1Organizer : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028756.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028757.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028758.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028759.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028760.exe -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028761.exe -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028763.exe -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028787.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028788.exe -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028789.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028790.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028791.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028792.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028793.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028794.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028795.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028797.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028798.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028799.dll -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028822.exe -> Adware.Gator : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028823.exe -> Adware.Gator : No action taken.
    HKU\S-1-5-21-776561741-1993962763-1708537768-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FD44536-9DF0-4034-939F-5BD4D98E3187} -> Adware.Generic : No action taken.
    HKU\S-1-5-21-776561741-1993962763-1708537768-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5DE8ADB-4A69-4E56-96AB-823171C8E9D8} -> Adware.Generic : No action taken.
    C:\RECYCLED\NPROTECT\00000018.EXE -> Adware.Hotbar : No action taken.
    C:\RECYCLED\NPROTECT\00000041.EXE -> Adware.Hotbar : No action taken.
    C:\RECYCLED\NPROTECT\00000092.EXE -> Adware.Hotbar : No action taken.
    C:\RECYCLED\NPROTECT\00000106.EXE -> Adware.Hotbar : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028835.dll -> Adware.ImiBar : No action taken.
    HKU\S-1-5-21-776561741-1993962763-1708537768-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000049-8F91-4D9C-9573-F016E7626484} -> Adware.Isearch : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028779.exe -> Adware.Keenval : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028782.exe -> Adware.Keenval : No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Incredifind -> Adware.KeenValue : No action taken.
    C:\WINDOWS\unstall.exe -> Adware.MediaMotor : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028815.DLL -> Adware.MediaPops : No action taken.
    C:\Program Files\FileSubmit\trigun.exe\NNEZTA388.exe -> Adware.NewDotNet : No action taken.
    C:\WINDOWS\NDNuninstall6_30.exe -> Adware.NewDotNet : No action taken.
    C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028778.dll -> Adware.Perfnav : No action taken.
    C:\Documents and Settings\Corey\!update.exe -> Adware.PurityScan : No action taken.
    C:\Documents and Settings\Corey\Application Data\eaom.exe -> Adware.PurityScan : No action taken.
    C:\Documents and Settings\Corey\Application Data\raar\!update.0000 -> Adware.PurityScan : No action taken.
    C:\Documents and Settings\Corey\Start Menu\Programs\PurityScan -> Adware.PurityScan : No action taken.
    C:\Documents and Settings\Corey\Start Menu\Programs\PurityScan\PurityScan.lnk -> Adware.PurityScan : No action taken.
    C:\Program Files\FileSubmit\trigun.exe\TBEZA127Q.exe -> Adware.Quick : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028858.dll -> Adware.Sahat : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028862.exe -> Adware.Sahat : No action taken.
    C:\Documents and Settings\VETTRONIC COMPUTERS\Start Menu\Programs\WeatherCast -> Adware.SaveNow : No action taken.
    C:\Documents and Settings\VETTRONIC COMPUTERS\Start Menu\Programs\WeatherCast\WeatherCast.lnk -> Adware.SaveNow : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028811.exe -> Adware.SaveNow : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028812.exe -> Adware.SaveNow : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028824.dll -> Adware.StatBlaster : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028825.exe -> Adware.StatBlaster : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028826.exe -> Adware.StatBlaster : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028803.dll -> Adware.WebHancer : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028804.exe -> Adware.WebHancer : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028805.inf -> Adware.WebHancer : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028807.dll -> Adware.WebHancer : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028808.exe -> Adware.WebHancer : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028810.exe -> Adware.WebHancer : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028869.exe -> Adware.WebHancer : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028885.inf -> Adware.WebHancer : No action taken.
    C:\WINDOWS\SET3A.tmp -> Adware.WebHancer : No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028813.dll -> Adware.Wintol : No action taken.
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\My Documents\funnyhits.com/ck.exe -> Backdoor.Agent.jn : No action taken.
    C:\WINDOWS\system32\netslv32.dll -> Dialer.EGroup.l : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028860.exe -> Dialer.Small : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028871.vxd/C:/WINDOWS/System32/msexreg.exe -> Dialer.Small : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028870.exe -> Downloader.Intexp.c : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028819.exe -> Downloader.Intexp.d : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028829.exe -> Downloader.Keenval : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028865.exe -> Downloader.Keenval : No action taken.
    C:\Program Files\Common Files\SearchUpgrader\SearchUpgrader.exe -> Downloader.Keenval.h : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028781.dll -> Downloader.Keenval.l : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028783.exe -> Downloader.Keenval.m : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP138\A0028734.dll -> Downloader.QDown.w : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028874.exe -> Downloader.Small.aak : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028834.exe -> Downloader.Stubby.c : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028837.exe -> Downloader.Stubby.c : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028847.exe -> Downloader.Stubby.d : No action taken.
    C:\Program Files\Windows Media Player\wmplayer.exe.tmp -> Downloader.VB.cm : No action taken.
    C:\WINDOWS\mm20.ocx -> Downloader.VB.db : No action taken.
    C:\WINDOWS\mmbun.exe -> Downloader.VB.df : No action taken.
    C:\WINDOWS\mm21.ocx -> Downloader.VB.ez : No action taken.
    C:\Documents and Settings\VETTRONIC COMPUTERS\Local Settings\Temp\TinyInstaller.exe -> Dropper.Agent.fa : No action taken.
    C:\WINDOWS\Wrapper.exe -> Dropper.Small.nm : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028883.exe -> Hijacker.DotComToolBar.a : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028843.exe -> Hijacker.DotComToolBar.b : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028844.exe -> Hijacker.DotComToolBar.e : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028839.exe -> Hijacker.StartPage.pe : No action taken.
    C:\WINDOWS\loads.exe -> Hijacker.VB.ek : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028845.exe -> Hijacker.VB.ge : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028749.dll -> Logger.Spung.a : No action taken.
    :mozilla.133:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.16:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.17:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.214:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.215:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.216:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.217:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.218:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.219:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.220:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.221:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.222:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.223:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.224:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.225:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.226:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.227:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.228:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.229:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.230:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.231:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.232:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.233:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.234:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.235:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.236:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.237:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.238:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.239:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.240:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.241:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.242:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.243:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.244:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.245:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.246:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.247:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.248:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.249:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.250:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.251:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.252:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.253:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.254:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.255:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.256:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.257:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.258:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.259:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.260:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.261:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.311:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.320:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.340:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.384:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Cookies\corey@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.107:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.108:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.109:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.61:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.64:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.65:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.68:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.100:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.101:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.102:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.103:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.104:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.105:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
  • edited May 2007
    :mozilla.271:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.272:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.10:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.11:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.12:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.13:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.15:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.21:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.24:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.25:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.26:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.27:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.35:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
    :mozilla.42:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Cookies\corey@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : No action taken.
    :mozilla.476:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
    :mozilla.477:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
    :mozilla.110:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.81:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.44:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.45:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.46:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.47:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.48:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.49:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.50:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.81:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.82:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.83:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.84:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.85:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.86:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.60:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Cookies\corey@com[1].txt -> TrackingCookie.Com : No action taken.
    :mozilla.18:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.32:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\blvbh08o.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.302:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.62:C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Mozilla\Firefox\Profiles\tsqm7hu6.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.21:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.22:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.24:C:\Documents and Settings\Guest\Application Data\Netscape\NSB\Profiles\q3lzfeue.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Local Settings\Temp\temp.frCC43 -> Trojan.Agent.ic : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028888.dll -> Trojan.Agent.ic : No action taken.
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\My Documents\download\mjordan2303\cddisturber.exe -> Trojan.CD_open.f : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028873.dll -> Trojan.P2E.al : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP142\A0031015.dll -> Trojan.P2E.al : No action taken.
    C:\WINDOWS\system32\authclient.exe -> Trojan.P2E.j : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028849.exe -> Trojan.Stervis.j : No action taken.
    C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP139\A0028867.exe -> Trojan.VB.kz : No action taken.
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Desktop\icon\icon.exe -> Trojan.VB.ot : No action taken.
    C:\WINDOWS\casicon.exe/icon.exe -> Trojan.VB.ot : No action taken.


    ::Report end
  • edited May 2007
    AVG Anti-Spyware - Scan Report

    + Created at: 5:45:50 PM 5/9/2007

    + Scan result:



    C:\Documents and Settings\Default User\My Documents\Data\Data\all_files2.exe -> Adware.GigatechSuperBar : No action taken.
    C:\MSOCache\All Users\{91120000-0014-0000-0000-0000000FF1CE}-C\setup.exe -> Backdoor.Huai : No action taken.
    C:\Documents and Settings\Default User\My Documents\Data\Data\all_files2_at.exe -> Downloader.VB.q : No action taken.


    ::Report end
  • edited May 2007
    Sorry this took so long. I went out of town. The first AVG spyware scan is the old one from March, so all of those files are already in Quarantine. The second one is from today, May 9th. The HJT log file is up to date as well. Thanks if anyone still pays attention to this.


    Corey G.
  • edited May 2007
    No Help? Oh awesome dudes of spyware and virus eradication.
  • Rahina-Rescue Finland
    edited May 2007
    Hello Corey, Welcome :)

    Sorry for the delay getting to you, forums have been extremely busy lately.

    Please download Deckard's System Scanner (DSS) and save it to your Desktop.
    • Close all other windows before proceeding.
    • Double-click on dss.exe and follow the prompts.
    • When it has finished, DSS will open two Notepads: main.txt and extra.txt
    • Use Save As to save both Notepad files to your Desktop and post them in your next reply.
  • edited May 2007
    It's cool. I understand. Thanks.
  • edited May 2007
    Deckard's System Scanner v20070426.43
    Run by Corey on 2007-05-16 at 12:17:22
    Computer is in Normal Mode.

    -- System Restore

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    19: 2007-05-16 16:17:55 UTC - RP180 - Deckard's System Scanner Restore Point
    18: 2007-05-13 22:36:00 UTC - RP179 - System Checkpoint
    17: 2007-05-09 18:48:53 UTC - RP178 - Software Distribution Service 2.0
    16: 2007-05-09 18:17:45 UTC - RP177 - Software Distribution Service 2.0
    15: 2007-05-06 02:10:50 UTC - RP176 - System Checkpoint


    -- First Restore Point --
    1: 2007-04-14 13:19:15 UTC - RP162 - System Checkpoint


    Backed up registry hives.

    Performed disk cleanup.


    -- HijackThis (run as Corey.exe)

    Logfile of HijackThis v1.99.1
    Scan saved at 12:22:49 PM, on 5/16/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\LXSUPMON.EXE
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Desktop\dss.exe
    C:\PROGRA~1\HIJACK~1\Corey.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.uchase.com/directory.php?a=1006
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O1 - Hosts: 80.69.74.15 auto.search.msn.com
    O2 - BHO: NavErrRedir Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
    O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\SpyHunter\SpyHunter.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Essentials Manager\V CAST Music Monitor.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
    O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/support/ocis/OSInfo.cab
    O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1015_EN_XP.cab
    O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/support/ocis/SiSAutodetectNT.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installdrivecleanerstart.cab
    O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akamaitools.com.edgesuite.net/dlmanager/live/code/DownloadManager.ocx
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/235e55b44455677ee503/netzip/RdxIE601.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1171617539357
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.com/client/isetup.cab
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
    O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_EN_XP.cab
    O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} - http://download.redswoosh.net/Installer/104/rsinstaller.cab
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    -- File Associations

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled

    S0 iomdisk (Iomega Devices Disk Filter Services) - c:\windows\system32\drivers\iomdisk.sys <Not Verified; Iomega Corporation; Iomega Disk Filter Driver>
    S3 SiSPort (SIS PORT Driver) - c:\windows\sisport.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
    S3 VRcore - c:\windows\system32\drivers\vrcore.sys <Not Verified; HAURI, Inc. 1998-2003; >
    S3 VRFIL - c:\windows\system32\drivers\vrfil.sys <Not Verified; HAURI; VR Filter for Windows NT/2K/XP>
    S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled

    R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - c:\program files\antivir personaledition classic\sched.exe <Not Verified; Avira GmbH; Scheduler>
    R2 Iomega App Services - "c:\progra~1\iomega\system32\appservices.exe" <Not Verified; Iomega Corporation; Iomega App Services>

    S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
    S4 Iomega Activity Disk2 - ""


    -- Scheduled Tasks

    2007-05-16 12:20:13 412 --a
    C:\WINDOWS\Tasks\Symantec NetDetect.job
    2007-05-14 13:30:04 284 --a
    C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


    -- Files created between 2007-04-16 and 2007-05-16

    2090-04-16 12:58:01 0 d
    C:\Program Files\Trend Micro
    2090-04-16 12:14:06 0 d
    C:\WINDOWS\system32\NtmsData
    2007-04-26 10:59:57 0 d
    C:\Program Files\Aspell
    2007-04-20 02:07:50 0 d
    C:\Program Files\VBA2
    2007-04-20 01:36:59 0 d
    C:\Program Files\VBA


    -- Find3M Report

    2090-04-16 00:42:08 0 d
    C:\Program Files\Yahoo!
    2007-05-16 12:00:33 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\.gaim
    2007-05-12 07:30:13 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\uTorrent
    2007-04-21 13:42:45 3362 --a
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\wklnhst.dat
    2007-04-14 23:39:57 0 d
    C:\Program Files\Opera
    2007-04-12 14:04:08 0 d
    C:\Program Files\iTunes
    2007-04-12 14:03:49 0 d
    C:\Program Files\iPod
    2007-04-12 13:58:58 0 d
    C:\Program Files\QuickTime
    2007-04-12 13:53:29 0 d
    C:\Program Files\Apple Software Update
    2007-04-04 03:24:18 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Ahead
    2007-04-04 03:11:29 0 d
    C:\Program Files\Common Files\Ahead
    2007-04-04 03:06:01 0 d
    C:\Program Files\Nero
    2007-04-03 23:57:13 0 d
    C:\Program Files\NCH Swift Sound
    2007-04-03 23:57:11 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\NCH Swift Sound
    2007-04-03 21:18:38 0 d
    C:\Program Files\CDBurnerXP Pro 3
    2007-04-03 21:16:51 0 d
    C:\Program Files\cdb
    2007-03-23 08:59:17 0 d
    C:\Program Files\Java
    2007-03-23 08:26:36 4212 ---h
    C:\WINDOWS\system32\zllictbl.dat
    2007-03-23 08:21:07 0 d
    C:\Program Files\SpywareBlaster
    2007-03-23 08:09:10 0 d
    C:\Program Files\MyWay
    2007-03-23 04:25:33 0 d
    C:\Program Files\TBONAS
    2007-03-23 03:54:18 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Lavasoft
    2007-03-23 03:54:11 0 d
    C:\Program Files\Lavasoft
    2007-03-23 03:53:48 0 d
    C:\Program Files\Common Files\Wise Installation Wizard
    2007-03-23 02:25:04 4 --a
    C:\WINDOWS\winsverr.dat
    2007-02-21 20:13:09 28672 --a
    C:\WINDOWS\gscr.dll
    2007-02-21 20:13:09 1514620 --a
    C:\WINDOWS\chelsea_01.exe <Not Verified; Macromedia, Inc.; Shockwave Flash>
    2007-02-21 20:13:07 135534 --a
    C:\WINDOWS\chelsea_01.scr <Not Verified; Wanpatan Software Lab; Bitbull>
    2007-02-16 15:25:55 22720 --a----c- C:\WINDOWS\system32\emptyregdb.dat
  • edited May 2007
    -- Registry Dump

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {0026AD90-C86F-4269-97F3-DAB4897C6D06} C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL [x]
    {53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "LXSUPMON"="C:\\WINDOWS\\system32\\LXSUPMON.EXE RUN"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
    "IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
    "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
    "avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
    "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
    "SpyHunter"="C:\\Program Files\\SpyHunter\\SpyHunter.exe"
    "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "SsAAD.exe"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe"
    "Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=dword:00000000
    "DisableTaskMgr"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    Source REG_SZ http://www.hoobastank.com/v5/images/album_covers_hoobastank.gif

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^GStartup.lnk]
    "path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\GStartup.lnk"
    "backup"="C:\\WINDOWS\\pss\\GStartup.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\COMMON~1\\GMT\\GMT.exe /startup"
    "item"="GStartup"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^LimeWire 3.8.10.lnk]
    "path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\LimeWire 3.8.10.lnk"
    "backup"="C:\\WINDOWS\\pss\\LimeWire 3.8.10.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\LimeWire\\LIMEWI~1.5\\LimeWire.exe -startup"
    "item"="LimeWire 3.8.10"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^LimeWire 4.0.5.lnk]
    "path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\LimeWire 4.0.5.lnk"
    "backup"="C:\\WINDOWS\\pss\\LimeWire 4.0.5.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\LimeWire\\LIMEWI~1.5\\LimeWire.exe -startup"
    "item"="LimeWire 4.0.5"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Corey.PVHS-F9M2GRKM2K^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe]
    "path"="C:\\Documents and Settings\\Corey.PVHS-F9M2GRKM2K\\Start Menu\\Programs\\Startup\\PowerReg Scheduler V3.exe"
    "backup"="C:\\WINDOWS\\pss\\PowerReg Scheduler V3.exeStartup"
    "location"="Startup"
    "command"="C:\\Documents and Settings\\Corey.PVHS-F9M2GRKM2K\\Start Menu\\Programs\\Startup\\PowerReg Scheduler V3.exe"
    "item"="PowerReg Scheduler V3"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\180ax]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="180ax"
    "hkey"="HKLM"
    "command"="c:\\windows\\180ax.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\absxmb]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="absxmb"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\absxmb.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="CFD"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BullsEye Network]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="bargains"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\BullsEye Network\\bin\\bargains.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CashBack]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="cashback"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\CashBack\\bin\\cashback.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ccApp"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="CMESys"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\CMEII\\CMESys.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CookiePatrol]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="CookiePatrol"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\PESTPA~1\\CookiePatrol.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIGStream]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="digstream"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\DIGStream\\digstream.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n'Drop_Autolaunch]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Autolaunch"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Iomega HotBurn\\Autolaunch.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\easywww]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="easywww2"
    "hkey"="HKLM"
    "command"="C:\\windows\\easywww2.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Instant Access]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="rundll32"
    "hkey"="HKCU"
    "command"="rundll32.exe p2esocks_1015.dll,InstantAccess"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="point32"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="KHost"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\kdx\\KHost.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LimeShop]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="LimeShop\""
    "hkey"="HKLM"
    "command"="C:\\Program Files\\LimeShop\\LimeShoprun.exe /cp:p \"C:\\Program Files\\LimeShop\\System\\Code\" Main lp: \"C:\\Program Files\\LimeShop\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
    "key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows"
    "item"="?????? ??????????"
    "hkey"="HKCU"
    "command"="?????? ??????????"
    "inimapping"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\loads.exe]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="medload"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\medload.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXSUPMON]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="LXSUPMON"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\System32\\LXSUPMON.EXE RUN"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MsnMsgr"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDailyHoroscope]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MYDAIL~1"
    "hkey"="HKCU"
    "command"="C:\\PROGRA~1\\MYDAIL~1\\MYDAIL~1.EXE"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NaviSearch]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="nls"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\NaviSearch\\bin\\nls.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NEWDOT~1"
    "hkey"="HKLM"
    "command"="rundll32 C:\\PROGRA~1\\NEWDOT~1\\NEWDOT~1.DLL,NewDotNetStartup -s"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestPatrol Control Center]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PPControl"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\PestPatrol\\PPControl.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPMemCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PPMemCheck"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\PESTPA~1\\PPMemCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickFinder Scheduler]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="QFSCHD110"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\WordPerfect Office 11\\Programs\\QFSCHD110.EXE\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="qttask"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Red Swoosh EDN Client]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="RSEDNClient"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\RSNet\\RSEDNClient.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\redirect]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="redirect9a"
    "hkey"="HKLM"
    "command"="C:\\windows\\redirect9a.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
    "key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows"
    "item"="?????? ??????????"
    "hkey"="HKCU"
    "command"="?????? ??????????"
    "inimapping"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAHAgent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SahAgent"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\System32\\SahAgent.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SM1BG]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SM1BG"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\SM1BG.EXE"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="jusched"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Java\\j2re1.4.2_01\\bin\\jusched.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="realsched"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\type32]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="type32"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updater]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="wupdater"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Common files\\updater\\wupdater.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USRpdA]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="3cpipe-USRpdA"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\SYSTEM32\\USRmlnkA.exe RunServices \\Device\\3cpipe-USRpdA"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Weather"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\AWS\\WeatherBug\\Weather.exe 1"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Agent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="whAgent"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\webHancer\\Programs\\whAgent.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Survey Companion]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="whSurvey"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\webHancer\\Programs\\whSurvey.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WildTangent CDA]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="cdaEngine0400"
    "hkey"="HKLM"
    "command"="RUNDLL32.exe \"C:\\Program Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="winampa"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Winamp3\\winampa.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ypager"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ccSetMgr"=dword:00000002
    "ccPwdSvc"=dword:00000003
    "ccEvtMgr"=dword:00000002

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



    -- Hosts

    80.69.74.15 auto.search.msn.com


    -- End of Deckard's System Scanner: finished at 2007-05-16 at 12:24:24
  • edited May 2007
    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Pentium(R) 4 CPU 1500MHz
    Percentage of Memory in Use: 48%
    Physical Memory (total/avail): 511.48 MiB / 263.08 MiB
    Pagefile Memory (total/avail): 865.79 MiB / 545.05 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1970.63 MiB

    A: is Removable (No Media)
    C: is Fixed (NTFS) - 37.27 GiB total, 5.32 GiB free.
    D: is Removable (No Media)
    F: is Fixed (NTFS) - 55.87 GiB total, 0.33 GiB free.
    G: is Fixed (FAT32) - 37.25 GiB total, 3.51 GiB free.


    -- Security Center

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FW: ZoneAlarm Firewall v7.0.337.000 (Check Point, LTD.)
    AV: Avira AntiVir PersonalEdition Classic v 6.38.1.150 (Avira GmbH)


    -- Environment Variables

    ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINDOWS
    APPDATA=C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=PVHS-F9M2GRKM2K
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Corey.PVHS-F9M2GRKM2K
    LOGONSERVER=\\PVHS-F9M2GRKM2K
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\Program Files\Mozilla Firefox;C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\ATI Technologies\ATI Control Panel;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier";C:\Program Files\QuickTime\QTSystem\;C:\WINDOWS;C:\WINDOWS\COMMAND
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 0 Stepping 10, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=000a
    ProgramFiles=C:\Program Files
    PROMPT=$p$g
    QTJAVA=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\COREY~1.PVH\LOCALS~1\Temp
    TMP=C:\DOCUME~1\COREY~1.PVH\LOCALS~1\Temp
    tvdumpflags=8
    USERDOMAIN=PVHS-F9M2GRKM2K
    USERNAME=Corey
    USERPROFILE=C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K
    winbootdir=C:\WINDOWS
    windir=C:\WINDOWS


    -- User Profiles

    Corey.PVHS-F9M2GRKM2K (admin)
    Guest (guest)


    -- Add/Remove Programs

    --> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    --> C:\WINDOWS\UNRecode.exe /UNINSTALL
    --> Dummy
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
    888.info --> C:\PROGRA~1\888info\UNWISE.EXE C:\PROGRA~1\888info\INSTALL.LOG
    Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
    Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 6.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7646-000000000001}
    AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
    AIM Toolbar --> C:\Program Files\AIM Toolbar\uninstall.exe
    Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
    ASIO4ALL --> C:\Program Files\ASIO4ALL v2\uninstall.exe
    ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    ATI DVD Decoder 2.2.0.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{45D228AA-4284-467A-9DB6-942B92BFF656} /l1033
    ATI HYDRAVISION --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe"
    ATI Multimedia Center 8.6.0.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{B7DC0CAF-0D27-4ACE-8E34-8594C8D7C1DB} /l1033
    AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    Avira AntiVir PersonalEdition Classic --> C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Calc98 --> C:\Program Files\Calc98\setup.exe
    CDBurnerXP Pro 3 --> MsiExec.exe /I{896D642C-7125-44F0-AC49-A23ABF82209C}
    chelsea_01 screensaver --> C:\WINDOWS\chelsea_01.scr -U
    Collab --> C:\Program Files\Image-Line\Collab\uninstall.exe
    Create-Ringtone 4.8 --> "C:\Program Files\Create-Ringtone\unins000.exe"
    Cypress USB Mass Storage Driver Installation --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}\Setup.exe" -l0x9 NotFirstInstall
    DAO --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}
    Deckadance --> C:\Program Files\Steinberg\Vstplugins\Deckadance\uninstall.exe
    DiscWizard for Windows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1BC8E02-6B5B-4B4A-A75F-B27A16918C2B}\Setup.exe"
    DivX Pro Codec Adware --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Pro Codec Adware\UninstalDivXProCodecAdware.log
    DotComToolbarNL - Toolbar --> regsvr32 /u /s "c:\data.dll"
    DriverGuide Toolkit --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEA5EF64-B694-4B79-9A2C-0FF738906A1D}\setup.exe"
    Express Burn --> C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
    Express Rip --> C:\Program Files\NCH Swift Sound\ExpressRip\uninst.exe
    Finale 2005 Demo --> C:\WINDOWS\unvise32.exe C:\Program Files\Finale 2005 Demo\uninstal.log
    Finale NotePad 2005a --> C:\WINDOWS\unvise32.exe C:\Program Files\Finale NotePad 2005a\uninstal.log
    FL Studio 7 --> C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
    Gaim (remove only) --> C:\Program Files\Gaim\gaim-uninst.exe
    Game Elements PC Recoil Pad --> C:\PROGRA~1\GAMEEL~1\UNWISE.EXE C:\PROGRA~1\GAMEEL~1\INSTALL.LOG
    GTK+ Runtime 2.6.9 rev a (remove only) --> C:\Program Files\Common Files\GTK\2.0\uninst.exe
    Hijackthis 1.99.1 --> "C:\Program Files\Hijackthis\unins000.exe"
    HijackThis 1.99.1 --> C:\Program Files\Hijackthis\HijackThis.exe /uninstall
    IL Download Manager --> C:\Program Files\Image-Line\Downloader\uninstall.exe
    IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
    iTunes --> MsiExec.exe /I{AB90749C-7422-4580-8A7A-66CC5E9E5F98}
    J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
    J2SE Runtime Environment 5.0 Update 8 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
    Java 2 Runtime Environment, SE v1.4.2_01 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142010}
    Karen's Alarm Clock --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Karen's Alarm Clock\ST6UNST.LOG"
    KODAK Picture Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51661BCF-F22A-11D4-82B4-00500494EF5C}\Setup.exe"
    Lexmark Supplies Monitor --> C:\WINDOWS\system32\LXSMUNIN.EXE
    Lexmark Z23-Z33 --> C:\WINDOWS\system32\spool\drivers\w32x86\3\lxaiUN5C.EXE -dLexmark Z23-Z33
    LG USB Drivers --> C:\PROGRA~1\LGDRIV~1\LGUSBD~1\UNWISE.EXE C:\PROGRA~1\LGDRIV~1\LGUSBD~1\INSTALL.LOG
    LimeWire --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{69654736-1026-4728-A78E-BA45DF993BAE}
    LimeWire 4.12.6 --> "C:\Program Files\LimeWire\LimeWire 4.0.8\uninstall.exe"
    LiveUpdate 1.90 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
    Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
    Microsoft Encarta Encyclopedia Standard 2005 --> MsiExec.exe /I{05410040-64A6-4248-A026-9745C1E9E159}
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.1 --> "C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe"
    Microsoft Money 2005 --> c:\program files\microsoft money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
    Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Professional 2007 --> MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
    Microsoft Office Professional 2007 Trial --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
    Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Picture It! Premium 10 --> "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Word 2002 --> MsiExec.exe /I{901B0409-6000-11D3-8CFE-0050048383C9}
    Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
    Microsoft Works 2005 Setup Launcher --> C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP D:\
    Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{CB54ABA8-D67F-47AD-A76C-2631BADA9FE5}
    Microsoft XML Parser and SDK --> MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07}
    Mozilla Firefox (2.0.0.2) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
    Mozilla Firefox (2.0.0.3) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN Messenger 6.2 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600137}
    MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe
    Nero 7 --> MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1033}
    neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    ObjectDock --> C:\PROGRA~1\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\INSTALL.LOG
    OpenMG Secure Module 4.6.01 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{3D79DB6E-73DA-46C9-B8FA-DAE52108246F} UNINSTALL
    Opera 9.20 --> MsiExec.exe /X{E5EC3E84-F3D6-4ECB-9486-69FCF11694B3}
    QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
    Real Alternative 1.51 --> "C:\Program Files\Real Alternative\unins000.exe"
    SC-3300 --> C:\Program Files\InstallShield Installation Information\{CAEEBACC-072C-43DB-9B6E-9CCBA1738F81}\Setup.exe uninst
    Secure Delivery --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\kdx\kdx.inf,DefaultUninstall,5
    Security Update for Excel 2007 (KB934670) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {CD098537-8857-4065-B4B6-AC023CB2C48E}
    Security Update for Office 2007 (KB934062) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
    Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    SiS Audio Driver --> C:\Program Files\SiS7012\Uninst\uninst2k.exe PCI\VEN_1039&DEV_7012
    SonicStage 4.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly
    SoundTap Uninstall --> C:\Program Files\NCH Swift Sound\SoundTap\uninst.exe
    Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
    Update for Office 2007 (KB932080) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
    Update for Office 2007 (KB933688) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F6E692F1-63C2-4760-94C6-C689DCD053F1}
    Update for Office 2007 (KB934393) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
    Update for Outlook 2007 Junk Email Filter (KB934655) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F7185592-E40D-476E-9BC4-38DF96EE176B}
    Update for Word 2007 (KB934173) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
    USB Storage Adapter FX (SM1) --> SM1UN.EXE SM1FX_AT
    V CAST Music --> MsiExec.exe /X{3249FD43-B24B-413F-B786-F8FEA32FA747}
    V CAST Music Essentials Manager --> C:\PROGRA~1\VERIZO~1\VCASTM~2\Setup.exe /remove /q0
    Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
    Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
    Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


    -- End of Deckard's System Scanner: finished at 2007-05-16 at 12:24:24
  • Rahina-Rescue Finland
    edited May 2007
    Part of the fix may require you to be in Safe Mode, which will not allow you to access the internet, or my instructions! I suggest you print these instructions out.

    Step #1

    Please open HiJackThis and scan. Check the boxes next to all the entries listed below:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    O2 - BHO: NavErrRedir Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
    O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/in...eanerstart.cab
    O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binarie...1015_EN_XP.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/235e55b4...p/RdxIE601.cab
    O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binarie...lv32_EN_XP.cab
    O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} - http://download.redswoosh.net/Instal...sinstaller.cab


    Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

    Step #2

    Reboot your computer in "SAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

    Scan with DrWeb-CureIt as follows:
    • Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
    • Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
    • Once the short scan has finished, Click Options > Change settings
    • Choose the "Scan tab" and UNcheck "Heuristic analysis"
    • Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)
    • Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
    • When done, a message will be displayed at the bottom advising if any viruses were found.
    • Click "Yes to all" if it asks if you want to cure/move the file.
    • When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
      (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
    • Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
    • Save the DrWeb.csv report to your desktop.
    • Exit Dr.Web Cureit when done.
    • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
    • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.csv report)

    Step #3

    Download the latest version of Java Runtime Environment (JRE) 6

    Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
    Click the "Download" button to the right.
    Check the box that says: "Accept License Agreement".
    The page will refresh.

    Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
    Close any programs you may have running - especially your web browser.
    Go to Start > Control Panel, double-click on Add/Remove Programs, and remove all older versions of Java.

    Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    Click the Remove or Change/Remove button.
    Repeat as many times as necessary to remove each Java version.
    Reboot your computer once all Java components are removed.
    Then from your desktop double-click on the download to install the newest version.

    In your next reply, please post the Doctor Web results and a fresh Main.txt logfile.

    Thanks.
  • edited May 2007
    Deckard's System Scanner v20070426.43
    Run by Corey on 2007-05-19 at 15:52:13
    Computer is in Normal Mode.



    -- HijackThis (run as Corey.exe)

    Logfile of HijackThis v1.99.1
    Scan saved at 3:52:23 PM, on 5/19/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\LXSUPMON.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Verizon Wireless\V CAST Music Essentials Manager\V CAST Music Monitor.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Desktop\dss.exe
    C:\PROGRA~1\HIJACK~1\Corey.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.uchase.com/directory.php?a=1006
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O1 - Hosts: 80.69.74.15 auto.search.msn.com
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
    O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\SpyHunter\SpyHunter.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Essentials Manager\V CAST Music Monitor.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
    O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/support/ocis/OSInfo.cab
    O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/support/ocis/SiSAutodetectNT.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akamaitools.com.edgesuite.net/dlmanager/live/code/DownloadManager.ocx
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1171617539357
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.com/client/isetup.cab
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/files/installers/cab/WinAntiVirusPro2006FreeInstall.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    -- Files created between 2007-04-19 and 2007-05-19

    2090-04-16 12:58:01 0 d
    C:\Program Files\Trend Micro
    2090-04-16 12:14:06 0 d
    C:\WINDOWS\system32\NtmsData
    2007-05-19 15:35:08 0 d
    C:\Program Files\Common Files\Java
    2007-05-17 14:48:57 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\DoctorWeb
    2007-04-26 10:59:57 0 d
    C:\Program Files\Aspell
    2007-04-20 02:07:50 0 d
    C:\Program Files\VBA2
    2007-04-20 01:36:59 0 d
    C:\Program Files\VBA


    -- Find3M Report

    2090-04-16 00:42:08 0 d
    C:\Program Files\Yahoo!
    2007-05-19 15:36:23 0 d
    C:\Program Files\Java
    2007-05-18 11:15:57 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\.gaim
    2007-05-18 01:41:07 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\uTorrent
    2007-04-21 13:42:45 3362 --a
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\wklnhst.dat
    2007-04-14 23:39:57 0 d
    C:\Program Files\Opera
    2007-04-12 14:04:08 0 d
    C:\Program Files\iTunes
    2007-04-12 14:03:49 0 d
    C:\Program Files\iPod
    2007-04-12 13:58:58 0 d
    C:\Program Files\QuickTime
    2007-04-12 13:53:29 0 d
    C:\Program Files\Apple Software Update
    2007-04-04 03:24:18 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Ahead
    2007-04-04 03:11:29 0 d
    C:\Program Files\Common Files\Ahead
    2007-04-04 03:06:01 0 d
    C:\Program Files\Nero
    2007-04-03 23:57:13 0 d
    C:\Program Files\NCH Swift Sound
    2007-04-03 23:57:11 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\NCH Swift Sound
    2007-04-03 21:18:38 0 d
    C:\Program Files\CDBurnerXP Pro 3
    2007-04-03 21:16:51 0 d
    C:\Program Files\cdb
    2007-03-23 08:26:36 4212 ---h
    C:\WINDOWS\system32\zllictbl.dat
    2007-03-23 08:21:07 0 d
    C:\Program Files\SpywareBlaster
    2007-03-23 08:09:10 0 d
    C:\Program Files\MyWay
    2007-03-23 04:25:33 0 d
    C:\Program Files\TBONAS
    2007-03-23 03:54:18 0 d
    C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Lavasoft
    2007-03-23 03:54:11 0 d
    C:\Program Files\Lavasoft
    2007-03-23 03:53:48 0 d
    C:\Program Files\Common Files\Wise Installation Wizard
    2007-03-23 02:25:04 4 --a
    C:\WINDOWS\winsverr.dat
    2007-02-21 20:13:09 28672 --a
    C:\WINDOWS\gscr.dll
    2007-02-21 20:13:09 1514620 --a
    C:\WINDOWS\chelsea_01.exe <CHELSE~1.EXE> <Not Verified; Macromedia, Inc.; Shockwave Flash>
    2007-02-21 20:13:07 135534 --a
    C:\WINDOWS\chelsea_01.scr <Not Verified; Wanpatan Software Lab; Bitbull>
  • edited May 2007
    -- Registry Dump

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "LXSUPMON"="C:\\WINDOWS\\system32\\LXSUPMON.EXE RUN"
    "IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
    "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
    "avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
    "SpyHunter"="C:\\Program Files\\SpyHunter\\SpyHunter.exe"
    "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "SsAAD.exe"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe"
    "Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=dword:00000000
    "DisableTaskMgr"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    Source REG_SZ http://www.hoobastank.com/v5/images/album_covers_hoobastank.gif

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^GStartup.lnk]
    "path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\GStartup.lnk"
    "backup"="C:\\WINDOWS\\pss\\GStartup.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\COMMON~1\\GMT\\GMT.exe /startup"
    "item"="GStartup"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^LimeWire 3.8.10.lnk]
    "path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\LimeWire 3.8.10.lnk"
    "backup"="C:\\WINDOWS\\pss\\LimeWire 3.8.10.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\LimeWire\\LIMEWI~1.5\\LimeWire.exe -startup"
    "item"="LimeWire 3.8.10"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^LimeWire 4.0.5.lnk]
    "path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\LimeWire 4.0.5.lnk"
    "backup"="C:\\WINDOWS\\pss\\LimeWire 4.0.5.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\LimeWire\\LIMEWI~1.5\\LimeWire.exe -startup"
    "item"="LimeWire 4.0.5"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Corey.PVHS-F9M2GRKM2K^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe]
    "path"="C:\\Documents and Settings\\Corey.PVHS-F9M2GRKM2K\\Start Menu\\Programs\\Startup\\PowerReg Scheduler V3.exe"
    "backup"="C:\\WINDOWS\\pss\\PowerReg Scheduler V3.exeStartup"
    "location"="Startup"
    "command"="C:\\Documents and Settings\\Corey.PVHS-F9M2GRKM2K\\Start Menu\\Programs\\Startup\\PowerReg Scheduler V3.exe"
    "item"="PowerReg Scheduler V3"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\180ax]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="180ax"
    "hkey"="HKLM"
    "command"="c:\\windows\\180ax.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\absxmb]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="absxmb"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\absxmb.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="CFD"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BullsEye Network]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="bargains"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\BullsEye Network\\bin\\bargains.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CashBack]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="cashback"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\CashBack\\bin\\cashback.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ccApp"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="CMESys"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\CMEII\\CMESys.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CookiePatrol]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="CookiePatrol"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\PESTPA~1\\CookiePatrol.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIGStream]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="digstream"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\DIGStream\\digstream.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n'Drop_Autolaunch]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Autolaunch"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Iomega HotBurn\\Autolaunch.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\easywww]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="easywww2"
    "hkey"="HKLM"
    "command"="C:\\windows\\easywww2.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Instant Access]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="rundll32"
    "hkey"="HKCU"
    "command"="rundll32.exe p2esocks_1015.dll,InstantAccess"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="point32"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="KHost"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\kdx\\KHost.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LimeShop]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="LimeShop\""
    "hkey"="HKLM"
    "command"="C:\\Program Files\\LimeShop\\LimeShoprun.exe /cp:p \"C:\\Program Files\\LimeShop\\System\\Code\" Main lp: \"C:\\Program Files\\LimeShop\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
    "key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows"
    "item"="?????? ??????????"
    "hkey"="HKCU"
    "command"="?????? ??????????"
    "inimapping"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\loads.exe]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="medload"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\medload.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXSUPMON]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="LXSUPMON"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\System32\\LXSUPMON.EXE RUN"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MsnMsgr"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDailyHoroscope]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MYDAIL~1"
    "hkey"="HKCU"
    "command"="C:\\PROGRA~1\\MYDAIL~1\\MYDAIL~1.EXE"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NaviSearch]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="nls"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\NaviSearch\\bin\\nls.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NEWDOT~1"
    "hkey"="HKLM"
    "command"="rundll32 C:\\PROGRA~1\\NEWDOT~1\\NEWDOT~1.DLL,NewDotNetStartup -s"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestPatrol Control Center]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PPControl"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\PestPatrol\\PPControl.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPMemCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PPMemCheck"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\PESTPA~1\\PPMemCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickFinder Scheduler]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="QFSCHD110"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\WordPerfect Office 11\\Programs\\QFSCHD110.EXE\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="qttask"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Red Swoosh EDN Client]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="RSEDNClient"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\RSNet\\RSEDNClient.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\redirect]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="redirect9a"
    "hkey"="HKLM"
    "command"="C:\\windows\\redirect9a.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
    "key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows"
    "item"="?????? ??????????"
    "hkey"="HKCU"
    "command"="?????? ??????????"
    "inimapping"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAHAgent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SahAgent"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\System32\\SahAgent.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SM1BG]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SM1BG"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\SM1BG.EXE"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="jusched"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Java\\j2re1.4.2_01\\bin\\jusched.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="realsched"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\type32]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="type32"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updater]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="wupdater"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Common files\\updater\\wupdater.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USRpdA]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="3cpipe-USRpdA"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\SYSTEM32\\USRmlnkA.exe RunServices \\Device\\3cpipe-USRpdA"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Weather"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\AWS\\WeatherBug\\Weather.exe 1"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Agent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="whAgent"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\webHancer\\Programs\\whAgent.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Survey Companion]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="whSurvey"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\webHancer\\Programs\\whSurvey.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WildTangent CDA]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="cdaEngine0400"
    "hkey"="HKLM"
    "command"="RUNDLL32.exe \"C:\\Program Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="winampa"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Winamp3\\winampa.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ypager"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ccSetMgr"=dword:00000002
    "ccPwdSvc"=dword:00000003
    "ccEvtMgr"=dword:00000002

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



    -- End of Deckard's System Scanner: finished at 2007-05-19 at 15:53:21
  • edited May 2007
    DRWEB

    SmileyCentralSetup2.0.3.5.exe;C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\Application Data\Opera\Opera;Trojan.MulDrop.1326;Deleted.;
    888info.exe;C:\Documents and Settings\Corey.PVHS-F9M2GRKM2K\My Documents;Adware.Casclient;Incurable.Moved.;
    1.36 MB.exe\data002;C:\Documents and Settings\Temp.PVHS-COREY\Local Settings\Temp\1.36 MB.exe;Adware.BSpy;;
    1.36 MB.exe\data005;C:\Documents and Settings\Temp.PVHS-COREY\Local Settings\Temp\1.36 MB.exe;Adware.SideFind;;
    1.36 MB.exe\data009;C:\Documents and Settings\Temp.PVHS-COREY\Local Settings\Temp\1.36 MB.exe;Adware.IGetNet;;
    1.36 MB.exe;C:\Documents and Settings\Temp.PVHS-COREY\Local Settings\Temp;Archive contains infected objects;Moved.;
    NLNP41.exe;C:\Documents and Settings\Temp.PVHS-COREY\Local Settings\Temp;Adware.IGetNet;Incurable.Moved.;
    A0065442.exe;C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP176;Tool.SrvRunner;Incurable.Moved.;
    A0071991.exe;C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP181;Trojan.MulDrop.1326;Deleted.;
    A0071992.exe\data002;C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP181\A0071992.exe;Adware.BSpy;;
    A0071992.exe\data005;C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP181\A0071992.exe;Adware.SideFind;;
    A0071992.exe\data009;C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP181\A0071992.exe;Adware.IGetNet;;
    A0071992.exe;C:\System Volume Information\_restore{3BA59BBB-4D39-41E5-8E26-085E7BB2C7A8}\RP181;Archive contains infected objects;Moved.;
    guizsudjzn.exe;C:\WINDOWS;Trojan.Click.2109;Deleted.;
    setup_silent_17304.exe;C:\WINDOWS;Adware.MDH;Incurable.Moved.;
    actskn45.ocx;C:\WINDOWS\system32;Trojan.Isbar.439;Deleted.;
    A0000584.EXE;G:\System Volume Information\_restore{CD0EB40B-67A3-4703-8B33-9C518FDF6902}\RP8;Adware.Aws;Incurable.Moved.;
  • Rahina-Rescue Finland
    edited May 2007
    Hi there, could you please post a fresh Main.txt logfile?

    Thanks.