Infected
SDI
Hi all... First post, glad to know there's help out there.
Been infected for about a week... tried many products to get rid of it, eventually came across this site. I read Trogan's 'Please Read..' and have worked my way thru, seemed there was a lot to remove.
However, when I started this morning, it took a full 3 mins to boot, and when it did, no sign of the taskbar, and when I did an alt-ctrl-del it looked like many processes had failed to load. Rebooted and after another 3 min load, seemed to have come back good. Clicked Firefox, and an IE pop-up appeared again... 'anypurpose loan' 'winampviruspro' 'diskcleaner' etc.. u know the score.
Also, my firewall (ZoneAlarm) has stopped loading at startup, I have to load it manually (only recently got it as thought I'd broken my old Sygate one); should I reinstall it? I also have a version of Sygate (redownloaded, not installed)... which would u recommend?
Find below a HJT log taken this a.m., I also have one I took b4 I started Trogan's clean up if that's any use.
Cheers in advance.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:00:43, on 01/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\CTPdeSrv.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Matt\Desktop\System tools\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0
O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\WINDOWS\system32\urqqnlk.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\jssoiaif.dll (file missing)
O2 - BHO: (no name) - {7A379133-EF1F-4C01-810E-86305FA99681} - C:\WINDOWS\system32\ddayv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Microsoft Update] vmware.exe
O4 - HKLM\..\RunServices: [RSPC Driver] ooei.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SYSTEM] lsas.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Microsoft Update] vmware.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [RSPC Driver] ooei.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {3C403675-B43C-410B-BF56-D4D1FB68356C} (ActiveXPortal Control) - http://72.29.80.113/OCX/gwnet.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - Winlogon Notify: ddayv - C:\WINDOWS\system32\ddayv.dll
O20 - Winlogon Notify: urqqnlk - C:\WINDOWS\SYSTEM32\urqqnlk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MySQL - Unknown owner - C:\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RapApp - Unknown owner - C:\Program Files\BlackICE\RapApp.exe (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
--
End of file - 10602 bytes
This discussion has been closed.
Comments
I am currently working on your log.
I will get back to you as soon as possible.
~zami~
Please follow my steps in the right order...
We'll start with this:
Please download VundoFix.exe to your desktop.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot; simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.
Next, please install HiJackThis v1.99.1 and send a fresh log, thanks.
I'm using Firefox.
EDIT: NVM.. after a number of tries it came thru... weird
VundoFix did have to fix one thing after reboot as u suggested, but got no message after a second boot.
Find below the requested vundofix.txt, and below that the new HJT v1.99.1 log
VundoFix V6.3.18
Checking Java version...
Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.
Scan started at 15:42:40 01/04/2007
Listing files found while scanning....
C:\WINDOWS\SYSTEM32\ddayv.dll
C:\WINDOWS\SYSTEM32\urqqnlk.dll
C:\WINDOWS\system32\vyadd.bak1
C:\WINDOWS\system32\vyadd.bak2
C:\WINDOWS\SYSTEM32\vyadd.ini
Beginning removal...
Attempting to delete C:\WINDOWS\SYSTEM32\ddayv.dll
C:\WINDOWS\SYSTEM32\ddayv.dll Has been deleted!
Attempting to delete C:\WINDOWS\SYSTEM32\urqqnlk.dll
C:\WINDOWS\SYSTEM32\urqqnlk.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\vyadd.bak1
C:\WINDOWS\system32\vyadd.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\vyadd.bak2
C:\WINDOWS\system32\vyadd.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\SYSTEM32\vyadd.ini
C:\WINDOWS\SYSTEM32\vyadd.ini Has been deleted!
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\SYSTEM32\urqqnlk.dll
C:\WINDOWS\SYSTEM32\urqqnlk.dll Has been deleted!
Performing Repairs to the registry.
Done!
Find below a new HJT log done with v1.99.1
Logfile of HijackThis v1.99.1
Scan saved at 17:51:37, on 01/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\CTPdeSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINDOWS\system32\ZoneLabs\UpdClient.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\jssoiaif.dll (file missing)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AEB830A2-33CC-4E45-B88B-DA05305CA2B9} - C:\WINDOWS\system32\ddayv.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\RunServices: [Microsoft Update] vmware.exe
O4 - HKLM\..\RunServices: [RSPC Driver] ooei.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {3C403675-B43C-410B-BF56-D4D1FB68356C} (ActiveXPortal Control) - http://72.29.80.113/OCX/gwnet.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MySQL - Unknown owner - C:\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RapApp - Unknown owner - C:\Program Files\BlackICE\RapApp.exe (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
Download and run SDFix
Download SDFix and save it to your Desktop.
Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop.
Please then reboot your computer in Safe Mode by doing the following:
Run by Matt - 03/04/2007 - 18:46:02.28
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Documents and Settings\Matt\Desktop\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Entries
Restoring Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Below files will be copied to Backups folder then removed:
C:\WINDOWS\system32\TFTP3920 - Deleted
C:\WINDOWS\system32\TFTP676 - Deleted
ADS Check:
C:\WINDOWS\system32
No streams found.
Final Check:
Remaining Services:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Macromedia\\Fireworks MX\\Fireworks.exe"="C:\\Program Files\\Macromedia\\Fireworks MX\\Fireworks.exe:*:Enabled:Fireworks MX"
"C:\\Program Files\\LimeWire\\LimeWire 4.2.6\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire 4.2.6\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\NovaLogic\\Joint Operations Typhoon Rising\\Jointops.exe"="C:\\Program Files\\NovaLogic\\Joint Operations Typhoon Rising\\Jointops.exe:*:Enabled:Jointops"
"C:\\WINDOWS\\SYSTEM32\\dpvsetup.exe"="C:\\WINDOWS\\SYSTEM32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\SYSTEM32\\rundll32.exe"="C:\\WINDOWS\\SYSTEM32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"E:\\iTunes\\iTunes.exe"="E:\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\NovaLogic\\Delta Force Black Hawk Down\\UPDATE.EXE"="C:\\Program Files\\NovaLogic\\Delta Force Black Hawk Down\\UPDATE.EXE:*:Enabled:UPDATE"
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\\Program Files\\The All-Seeing Eye\\eye.exe"="C:\\Program Files\\The All-Seeing Eye\\eye.exe:*:Enabled:The All-Seeing Eye"
"C:\\Program Files\\Total War\\Medieval - Total War\\Medieval_TW.exe"="C:\\Program Files\\Total War\\Medieval - Total War\\Medieval_TW.exe:*:Enabled:Medieval_TW"
"C:\\Program Files\\Roger Wilco\\rwbs\\rwbs.exe"="C:\\Program Files\\Roger Wilco\\rwbs\\rwbs.exe:*:Enabled:rwbs"
"C:\\WINDOWS\\SYSTEM32\\rtcshare.exe"="C:\\WINDOWS\\SYSTEM32\\rtcshare.exe:*:Enabled:RTC App Sharing"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\\Program Files\\JOPinger\\JOPinger.exe"="C:\\Program Files\\JOPinger\\JOPinger.exe:*:Enabled:JOPinger"
"C:\\Program Files\\GigaByte\\VGA Utility Manager\\G-vga.exe"="C:\\Program Files\\GigaByte\\VGA Utility Manager\\G-vga.exe:*:Enabled:Menu"
"C:\\Documents and Settings\\Matt\\Desktop\\ventrilo_srv-2.2.0-Windows-i386\\ventrilo_srv.exe"="C:\\Documents and Settings\\Matt\\Desktop\\ventrilo_srv-2.2.0-Windows-i386\\ventrilo_srv.exe:*:Enabled:ventrilo_srv"
"C:\\NovaLogic\\Joint Operations Typhoon Rising\\Jointops.exe"="C:\\NovaLogic\\Joint Operations Typhoon Rising\\Jointops.exe:*:Enabled:Jointops"
"C:\\Program Files\\SpacialAudio\\SAM2\\SAM2.exe"="C:\\Program Files\\SpacialAudio\\SAM2\\SAM2.exe:*:Enabled:SAM2"
"C:\\Program Files\\SpacialAudio\\SAM2\\SAMReporter\\SAMReporter.exe"="C:\\Program Files\\SpacialAudio\\SAM2\\SAMReporter\\SAMReporter.exe:*:Enabled:SAMReporter"
"C:\\WINDOWS\\SYSTEM32\\mmc.exe"="C:\\WINDOWS\\SYSTEM32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\NovaLogic\\Delta Force Black Hawk Down\\update.exe"="C:\\NovaLogic\\Delta Force Black Hawk Down\\update.exe:*:Enabled:update"
"C:\\NovaLogic\\Delta Force Black Hawk Down\\DFBHD.EXE"="C:\\NovaLogic\\Delta Force Black Hawk Down\\DFBHD.EXE:*:Enabled:DFBHD"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"="C:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe:*:Enabled:Adobe Version Cue CS2"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Documents and Settings\\Matt\\Desktop\\WoWMovieDownloader-EnUS.exe"="C:\\Documents and Settings\\Matt\\Desktop\\WoWMovieDownloader-EnUS.exe:*:Disabled:Blizzard Downloader"
"C:\\Program Files\\eDonkey2000\\edonkey2000.exe"="C:\\Program Files\\eDonkey2000\\edonkey2000.exe:*:Disabled:edonkey2000"
"C:\\Icecast2 Win32\\Icecast2.exe"="C:\\Icecast2 Win32\\Icecast2.exe:*:Disabled:Icecast2win"
"C:\\Program Files\\NovaLogic\\Joint Operations Escalation Tech Beta\\jobeta.exe"="C:\\Program Files\\NovaLogic\\Joint Operations Escalation Tech Beta\\jobeta.exe:*:Disabled:jobeta"
"C:\\NovaLogic\\Joint Operations Escalation Tech Beta\\jobeta.exe"="C:\\NovaLogic\\Joint Operations Escalation Tech Beta\\jobeta.exe:*:Disabled:jobeta"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Disabled:Morpheus"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
Remaining Files:
Backups Folder: - C:\DOCUME~1\Matt\Desktop\SDFix\backups\backups.zip
Checking For Files with Hidden Attributes :
C:\Program Files\Common Files\aolshare\shell\uk\shellext.dll
C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll
C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll
C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll
C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll
C:\WINDOWS\SYSTEM32\avisynth.dll
C:\WINDOWS\SYSTEM32\AVSredirect.dll
C:\WINDOWS\SYSTEM32\cygwin1.dll
C:\WINDOWS\SYSTEM32\cygz.dll
C:\WINDOWS\SYSTEM32\i420vfw.dll
C:\WINDOWS\SYSTEM32\Smab.dll
C:\WINDOWS\SYSTEM32\yv12vfw.dll
C:\Program Files\eRightSoft\SUPER\Setup.exe
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP900\A0197377.exe
C:\WINDOWS\meta4.exe
C:\WINDOWS\MOTA113.exe
C:\WINDOWS\x2.64.exe
C:\WINDOWS\SYSTEM32\x.264.exe
C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp
C:\Documents and Settings\Matt\Local Settings\Temp\BIT7.tmp
C:\Documents and Settings\Matt\logs\My Documents\~WRL2351.tmp
C:\WINDOWS\SYSTEM32\qstwa.tmp
Finished
Logfile of HijackThis v1.99.1
Scan saved at 19:15:02, on 03/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\CTPdeSrv.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\jssoiaif.dll (file missing)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AEB830A2-33CC-4E45-B88B-DA05305CA2B9} - C:\WINDOWS\system32\ddayv.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\RunServices: [RSPC Driver] ooei.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {3C403675-B43C-410B-BF56-D4D1FB68356C} (ActiveXPortal Control) - http://72.29.80.113/OCX/gwnet.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MySQL - Unknown owner - C:\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RapApp - Unknown owner - C:\Program Files\BlackICE\RapApp.exe (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
Please follow the instructions provided, you may want to print out these instructions and use them as a reference:
AVG Anti-Spyware only works on Windows 2000 and Windows XP (32-Bit)
First download AVG Anti-Spyware 7.5 from HERE and save that file to your desktop.
This is a 30 day trial of the program
- Once you have downloaded AVG Anti-Spyware 7.5, locate the icon on the desktop and double-click it to launch the set up program.
- Once the setup is complete you will need to run AVG Anti-Spyware and update the definition files.
- On the main screen select the icon "Update" then select the "Update now" link.
- Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
- Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
- Under "Reports"
Close AVG Anti-Spyware. Do not run a scan yet!
* Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
* Select "Automatically generate report after every scan"
* Un-Select "Only if threats were found"
Use your up arrow key to highlight SafeMode then hit enter.
IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning process.
Once the scan is complete do the following:
(make sure to remember where you saved that file, this is important).
In normal mode:
With all other windows closed, start your HijackThis and Click "Do a System Scan Only"
Click in the check-box to the left of each of the following entries, if found:
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\jssoiaif.dll (file missing)
O2 - BHO: (no name) - {AEB830A2-33CC-4E45-B88B-DA05305CA2B9} - C:\WINDOWS\system32\ddayv.dll (file missing)
O4 - HKLM\..\RunServices: [RSPC Driver] ooei.exe
Select Fix Checked
In your next reply, please include the following logs: AVG A-S log and a Fresh HijackThis. Thanks.
I'll put HJT log in next one.
AVG Anti-Spyware - Scan Report
+ Created at: 19:46:17 04/04/2007
+ Scan result:
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP972\A0210174.dll -> Adware.Coreak : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP972\A0210173.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP975\A0210708.dll -> Dialer.BT.c : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP891\A0194060.exe -> Downloader.Agent.auv : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP972\A0210175.dll -> Downloader.Agent.br : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP972\A0210177.dll -> Downloader.Agent.br : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP972\A0210176.dll -> Downloader.Agent.bt : Cleaned with backup (quarantined).
C:\Documents and Settings\Polly\Application Data\Messenger Plus! 3\Setup.dat/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).
C:\Program Files\Messenger Plus! 3(2)\Setup.dat/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).
C:\Program Files\Messenger Plus! 3(3)\Setup.dat/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup (quarantined).
C:\Program Files\LimeWire\LimeWire 4.2.6\root\(EViLiSO) avid studio toolkit iSO [Techno.Remix].zip/Setup.exe -> Logger.Winflyer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP961\A0209697.exe -> Logger.Winflyer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP962\A0209707.exe -> Logger.Winflyer : Cleaned with backup (quarantined).
:mozilla.402:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.403:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.404:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.405:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.406:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.407:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.408:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.409:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.410:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.411:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.412:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.413:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.414:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.415:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.416:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.417:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.418:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.419:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.420:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.421:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.422:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.423:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.424:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.425:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.426:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.427:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.428:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.429:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.430:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.431:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.432:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.433:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.434:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.435:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.436:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.437:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.438:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.439:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.440:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.441:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.442:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.443:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.444:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.445:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.446:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.510:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.631:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.666:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.88:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.89:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.90:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.91:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.92:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.93:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.94:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.95:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.226:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.227:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.228:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.229:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.230:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.231:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.232:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.156:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.157:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.158:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.180:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.137:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.138:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.139:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.140:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.817:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.818:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.20:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.21:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.22:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.23:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.24:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.25:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.26:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.17:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.18:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.470:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.471:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.100:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.98:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.99:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.125:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.127:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.129:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.130:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.6:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.84:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.184:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.505:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.506:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.873:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.131:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.290:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.90:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.769:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.749:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.750:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.751:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.770:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Cnn : Cleaned.
:mozilla.292:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.293:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.298:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.126:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.73:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.74:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.79:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
C:\Documents and Settings\Matt\Cookies\matt@connextra[3].txt -> TrackingCookie.Connextra : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@connextra[2].txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.527:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.528:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.529:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.530:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Matt\Cookies\matt@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.10:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.548:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.27:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.28:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.29:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.35:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.36:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.46:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.47:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.48:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.49:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.50:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.51:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.193:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
:mozilla.203:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.397:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.886:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.887:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.888:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.889:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.890:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.891:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.892:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.893:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.178:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.204:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.205:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.206:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.588:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.280:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.281:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.73:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.76:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.394:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Information : Cleaned.
:mozilla.591:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Intelli-direct : Cleaned.
:mozilla.821:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.822:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.823:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.828:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.829:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.830:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@ayb.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@b30168.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@d17903.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@images.lop[2].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@l13967.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@n3567.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@o24542.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@sk235lkg.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@v20887.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@w12050.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@x14939.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.20:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.21:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Matt\Cookies\matt@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.636:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Navrcholu : Cleaned.
:mozilla.79:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.80:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.82:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.658:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.659:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.660:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.675:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.251:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.148:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.149:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.150:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.464:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.465:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.466:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.467:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.678:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.679:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.85:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.19:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.22:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.682:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.683:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.684:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Matt\Cookies\matt@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.164:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Real : Cleaned.
:mozilla.165:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@realguide.real[1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\Polly\Cookies\polly@www.real[1].txt -> TrackingCookie.Real : Cleaned.
:mozilla.171:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.685:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.383:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.384:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.388:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.389:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.161:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.395:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.300:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.301:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.302:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.303:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.304:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.305:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.306:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.307:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.308:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.309:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.310:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.311:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.312:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.101:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.102:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.103:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.104:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.105:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.136:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.137:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.138:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.139:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.140:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.141:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.142:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.531:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.532:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.533:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.534:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.535:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.536:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.537:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.538:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.539:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.540:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.541:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.542:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.805:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.806:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.460:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.461:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.462:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.463:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.705:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.706:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.707:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.708:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.709:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.160:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.277:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.278:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.279:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.721:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Toplist : Cleaned.
:mozilla.42:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.43:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Matt\Cookies\matt@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.135:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.136:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.729:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.110:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.733:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.788:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.118:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.143:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.109:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.156:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.157:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.158:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.159:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.54:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.55:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.56:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.57:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.221:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.222:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.223:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.224:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.225:C:\Documents and Settings\Matt\Application Data\Mozilla\Firefox\Profiles\cb51enf9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.34:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.35:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.36:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.108:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.109:C:\Documents and Settings\Polly\Application Data\Mozilla\Firefox\Profiles\miidx55x.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 20:01:13, on 04/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\CTPdeSrv.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.1.87.cab
O16 - DPF: {3C403675-B43C-410B-BF56-D4D1FB68356C} (ActiveXPortal Control) - http://72.29.80.113/OCX/gwnet.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MySQL - Unknown owner - C:\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RapApp - Unknown owner - C:\Program Files\BlackICE\RapApp.exe (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
Just one fix:
With all other windows closed, start your HijackThis and click "Do a System Scan Only".
Click in the check-box to the left of each of the following entries, if found:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Select Fix Checked.
How's the system running now?
System still seems a little slow to boot, but runs slicker than it has for years. Was a PC and internet novice when I got it three years ago.. took me a while to get a firewall back then, and I paid the price. And still seem to be learning the hard way, haha.
Cheers again, and thank god I found this site.. I'll be sending any1 I know with problems this way.
Oh.. one last thing... can I delete the RapApp file? Seems to be associated with BlackICE, which I had temporarily on my computer when my former employers insisted I had it b4 they'd let me access work stuff remotely.
Sure.
You're welcome, I'm glad I could help.
Let us know if you have any more questions or problems anytime.
You can delete all of the tools that I had you download for us to use.
I'd recommend keeping AVG Anti-Spyware, as it's an excellent program that will complement your antivirus protection.
~Zami~
My tag was SDI, wasn't in a clan. Played on Euro... coops mostly on Alpha Squad, HmS, RSU... whoever was hosting a fun map. Did a bit of PvP, but prefer cooperative team play.
I moved over to Guild Wars now, but looking for a new FPS to get involved in.. tried ArmA, but comp keeps bluescreening ^^