1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help! Mysterious program keeps trying to access my program [HijackThis log included!

Discussion in 'Virus & Other Malware Removal' started by KarmaKitten, Jul 20, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    Yeah, So basically I'm here to explain the problem I've been having with my laptop. These crazy pop-ups that have WinAntiVirus Pro 2006 and keeps trying to install itself onto my laptop. I try to get rid of it by using Ad-aware and Spybot S&D - First, It says it's gone but it still pops up every now and then.

    Now, Lately, There's been a .exe's called "win478.tmp.exe" and "win204.tmp.exe" in my Temp folder that's been trying to reach a connection - but my firewall blocks the connection it's trying to make. My firewall program has this .exe's called "Microsoft Mediaload" and "Universa Application".

    I have no clue on what these .exe's do.. Then I tried looking up for newer spyware/malware programs and found hijack this. I did a scan and a log. So, I'm gonna try my luck here and see if you people can help me. Thanks!

    --------
    Logfile of HijackThis v1.99.1
    Scan saved at 2:37:34 PM, on 7/20/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\FireFly\WinDeBug.exe
    C:\Program Files\FireFly\Serpent.Exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\EZ-DUB\EZ-DUB.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\TEMP\win17.tmp.exe
    C:\Documents and Settings\Christine Moua\Desktop\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    R3 - Default URLSearchHook is missing
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe /disabled
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [OneTouch Monitor] C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
    O4 - HKCU\..\Run: [warez] "C:\Program Files\Warez P2P Client\warez.exe" -h
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: EZ-DUB Finder.lnk = C:\Program Files\EZ-DUB\EZ-DUB.exe
    O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FireFly - Unknown owner - C:\Program Files\FireFly\WinDeBug.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
     
  2. Sponsor

  3. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    108,892
    Hi and welcome to TSG,

    Download the trial version of Ewido Anti-spyware from HERE and save that file to your desktop. When the trial period expires it becomes freeware with reduced functions but still worth keeping.



    • Once you have downloaded Ewido Anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
    • Once the setup is complete you will need run Ewido and update the definition files.
    • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
    • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
    • Once in the Settings screen click on "Recommended actions" and then select "Quarantine"
    • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"

    Close Ewido Anti-spyware, Do NOT run a scan yet. We will do that later in safe mode.


    • Reboot your computer into Safe Mode now. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
      IMPORTANT: Do not open any other windows or programs while Ewido is scanning as it may interfere with the scanning process:
    • Launch Ewido Anti-spyware by double-clicking the icon on your desktop.
    • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
    • Ewido will now begin the scanning process. Be patient this may take a little time.
      Once the scan is complete do the following:
    • If you have any infections you will prompted, then select "Apply all actions"
    • Next select the "Reports" icon at the top.
    • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
    • Close Ewido and reboot your system back into Normal Mode.


    Please go HERE to run Panda's ActiveScan
    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report


    Come back here and post a new HijackThis log along with the logs from the Ewido and Panda scans.
     
  4. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 6:01:22 PM 7/20/2006

    + Scan result:



    HKLM\SOFTWARE\Classes\CLSID\{6B925150-4E3E-4EC7-B642-57392A9394C1} -> Adware.ContextuAd : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B925150-4E3E-4EC7-B642-57392A9394C1} -> Adware.ContextuAd : Cleaned with backup (quarantined).
    HKU\S-1-5-21-709302638-493897530-2637264700-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6B925150-4E3E-4EC7-B642-57392A9394C1} -> Adware.ContextuAd : Cleaned with backup (quarantined).
    C:\WINDOWS\SYSTEM32\javamcore.dll -> Adware.MediaBack : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temporary Internet Files\Content.IE5\MC49JWW5\anti4[1].exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temporary Internet Files\Content.IE5\MC49JWW5\ff3[1] -> Adware.Virtumonde : Cleaned with backup (quarantined).
    C:\WINDOWS\SYSTEM32\ddccb.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
    C:\WINDOWS\SYSTEM32\ljjgffc.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
    C:\Program Files\FireFly\__delete_on_reboot__S_e_r_p_e_n_t_._E_x_e_ -> Backdoor.Delf.agq : Cleaned with backup (quarantined).
    C:\Program Files\FireFly\__delete_on_reboot__W_i_n_D_e_B_u_g_._e_x_e_ -> Backdoor.Delf.agq : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temp\win204.tmp.exe -> Downloader.Small : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temporary Internet Files\Content.IE5\4HA7WDM3\mulbin32[1].exe -> Downloader.Small : Cleaned with backup (quarantined).
    :mozilla.27:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.28:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.29:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.30:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.31:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.32:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.33:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.34:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.35:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.36:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.37:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.38:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.39:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.40:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.41:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.42:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.43:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.44:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.45:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.46:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.47:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.48:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.49:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.50:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.51:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.52:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.53:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.54:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.55:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.562:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.56:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.57:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.58:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.59:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.60:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.61:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.62:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.63:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.64:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.65:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.66:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.67:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.68:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.69:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.70:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.714:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.71:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.726:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.72:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.73:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.74:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.75:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.76:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.433:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
    :mozilla.640:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
    :mozilla.641:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
    :mozilla.555:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
    :mozilla.556:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
    :mozilla.804:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
    :mozilla.805:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
    :mozilla.806:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
    :mozilla.424:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.425:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.426:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.427:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.428:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.429:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.430:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.769:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    :mozilla.770:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    :mozilla.123:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.124:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.125:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.126:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.127:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.128:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.209:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
    :mozilla.566:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    :mozilla.314:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
    :mozilla.315:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
    :mozilla.316:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
    :mozilla.317:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
    :mozilla.544:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
    :mozilla.253:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
    :mozilla.186:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
     
  5. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    :mozilla.187:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    :mozilla.188:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    :mozilla.189:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    :mozilla.190:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    :mozilla.191:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    :mozilla.192:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    :mozilla.195:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temp\Cookies\christine [email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
    :mozilla.404:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).
    :mozilla.202:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
    :mozilla.678:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
    :mozilla.679:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
    :mozilla.680:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
    :mozilla.646:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
    :mozilla.647:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
    :mozilla.648:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
    :mozilla.531:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    :mozilla.532:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    :mozilla.534:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    :mozilla.535:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    :mozilla.539:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    :mozilla.133:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.136:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.137:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.138:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.139:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.140:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.141:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.569:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.570:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.571:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.572:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.573:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.694:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup (quarantined).
    :mozilla.808:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    :mozilla.809:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    :mozilla.810:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    :mozilla.811:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    :mozilla.812:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    :mozilla.346:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
    :mozilla.347:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
    :mozilla.816:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    :mozilla.817:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    :mozilla.818:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    :mozilla.718:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
    :mozilla.719:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
    :mozilla.521:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    :mozilla.522:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    :mozilla.523:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    :mozilla.524:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
    :mozilla.486:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    :mozilla.487:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    :mozilla.488:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    :mozilla.489:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).
    :mozilla.415:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    :mozilla.416:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    :mozilla.417:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    :mozilla.418:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    :mozilla.419:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    :mozilla.420:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    :mozilla.421:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    :mozilla.422:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
    :mozilla.732:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    :mozilla.77:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.78:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.79:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.80:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.81:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.82:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.83:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.84:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.85:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.86:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.87:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.88:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.89:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.525:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.526:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.527:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.528:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.10:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\l4yjl1yy.Default User\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.11:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\l4yjl1yy.Default User\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.12:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\l4yjl1yy.Default User\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.7:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\l4yjl1yy.Default User\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
     
  6. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    :mozilla.8:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\l4yjl1yy.Default User\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.9:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\l4yjl1yy.Default User\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.201:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
    :mozilla.203:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
    :mozilla.204:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
    :mozilla.205:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
    :mozilla.206:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
    :mozilla.741:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup (quarantined).
    :mozilla.260:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.263:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.264:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.265:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.266:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.269:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.270:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.271:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.272:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.273:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.274:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.275:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.276:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.277:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.278:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.279:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.280:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.281:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.282:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.283:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.284:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.285:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.286:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.287:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.288:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.289:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.290:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.291:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.292:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.293:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.294:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.295:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.296:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.297:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.298:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.299:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.300:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.301:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.302:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.303:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.304:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.305:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.306:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.307:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.308:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.309:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.310:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.311:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.312:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.313:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.540:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    :mozilla.541:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    :mozilla.542:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    :mozilla.543:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Tracking101 : Cleaned with backup (quarantined).
    :mozilla.129:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    :mozilla.130:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    :mozilla.348:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.349:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.350:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.351:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.352:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.353:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.354:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.355:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.356:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.254:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    :mozilla.255:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    :mozilla.256:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    :mozilla.159:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.160:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.161:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.162:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.163:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.164:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.165:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.166:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.167:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.168:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.169:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.170:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.171:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.172:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.173:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.174:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.175:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.176:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.177:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.178:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temp\Cookies\christine [email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.12:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\77pcydqw.dd\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.12:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\izucv9ma.Default User1\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.12:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\vjbnz5e9.11\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.13:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\77pcydqw.dd\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.13:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\izucv9ma.Default User1\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.13:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\vjbnz5e9.11\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.14:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\vjbnz5e9.11\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.15:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\vjbnz5e9.11\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.16:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\vjbnz5e9.11\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.21:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\l4yjl1yy.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.22:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\l4yjl1yy.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.394:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.395:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.396:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.397:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.398:C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Desktop\Frame.Shots.v2.0.Cracked-UnderPl\Frame.Shots.v2.0.Cracked-UnderPl\crack.rar/crack.exe -> Trojan.Crypt.e : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temporary Internet Files\Content.IE5\4HA7WDM3\bgates[2].exe -> Trojan.Dialer.pz : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temporary Internet Files\Content.IE5\4HA7WDM3\srvjwy[1].exe -> Trojan.Pakes : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temporary Internet Files\Content.IE5\MC49JWW5\srvqay[1].exe -> Trojan.Pakes : Cleaned with backup (quarantined).
    C:\Documents and Settings\Christine Moua\Local Settings\Temporary Internet Files\Content.IE5\YARMABJ5\srvcni[1].exe -> Trojan.Pakes : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\win17.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\win478.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined).


    ::Report end
     
  7. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    ACTIVESCAN Panda


    Incident Status Location

    Adware:Adware/SuperSpider Not disinfected C:\WINDOWS\system32\winjrs32.dll
    Hacktool:rootkit/zaqt.a Not disinfected hkey_local_machine\system\currentcontrolset\services\DP1112
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[ad.yieldmanager.com/]
    Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.casalemedia.com/]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.advertising.com/]
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.atdmt.com/]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.advertising.com/]
    Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.statcounter.com/]
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.atwola.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.realmedia.com/]
    Spyware:Cookie/Peel Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.peel.com/]
    Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.go.com/]
    Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.maxserving.com/]
    Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.bravenet.com/]
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.belnk.com/]
    Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.did-it.com/]
    Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[.fortunecity.com/]
    Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[landing.domainsponsor.com/]
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Mozilla\Firefox\Profiles\bu154i8o.default\cookies.txt[searchportal.information.com/]
    Adware:Adware/CWS.Searchmeup Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-8fba448-793caa77.zip[GetAccess.class]
    Adware:Adware/CWS.Searchmeup Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-8fba448-793caa77.zip[Installer.class]
    Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Christine Moua\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-8fba448-793caa77.zip[NewSecurityClassLoader.class]
    Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Christine Moua\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-8fba448-793caa77.zip[NewURLClassLoader.class]
    Adware:Adware/IST.ISTBar Not disinfected C:\Documents and Settings\Christine Moua\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-31f00108-1572e63f.zip[javainstaller/InstallerApplet.class]
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt
    Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt
    Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Christine Moua\Cookies\christine [email protected][1].txt
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Christine Moua\Local Settings\Temp\Cookies\christine [email protected][1].txt
    Adware:Adware/SuperSpider Not disinfected C:\Documents and Settings\Christine Moua\Local Settings\Temp\mst1FF.tmp
    Adware:Adware/SuperSpider Not disinfected C:\Documents and Settings\Christine Moua\Local Settings\Temp\mst22A.tmp
    Virus:Trj/Downloader.AQP Not disinfected C:\Documents and Settings\Christine Moua\Local Settings\Temp\mxdd.exe[jdbdev.exe]
    Adware:Adware/MediaBack Not disinfected C:\Documents and Settings\Christine Moua\Local Settings\Temp\mxdd.exe[javamcore.dll]
    Virus:Trj/Clicker.QR Not disinfected C:\Documents and Settings\Christine Moua\Local Settings\Temp\mxdd.exe[ojsql.exe]
     
  8. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    HJT

    Logfile of HijackThis v1.99.1
    Scan saved at 7:13:34 PM, on 7/20/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    c:\program files\mcafee.com\agent\mcagent.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\EZ-DUB\EZ-DUB.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Christine Moua\Desktop\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    R3 - Default URLSearchHook is missing
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe /disabled
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [OneTouch Monitor] C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
    O4 - HKCU\..\Run: [warez] "C:\Program Files\Warez P2P Client\warez.exe" -h
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: EZ-DUB Finder.lnk = C:\Program Files\EZ-DUB\EZ-DUB.exe
    O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: FireFly - Unknown owner - C:\Program Files\FireFly\WinDeBug.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
     
  9. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    WOW. Sorry! I didn't think all this dookie would be on my little laptop. >_> @_# Please help! Thanks!
     
  10. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    :/ Really? No one willing to analyze my logs? :( I'm lost here! -_-
     
  11. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    108,892
    Please download VundoFix.exe to your desktop.
    • Double-click VundoFix.exe to run it.
    • Put a check next to Run VundoFix as a task.
    • You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
    • When VundoFix re-opens, click the Scan for Vundo button.
    • Once it's done scanning, click the Remove Vundo button.
    • You will receive a prompt asking if you want to remove the files, click YES
    • Once you click yes, your desktop will go blank as it starts removing Vundo.
    • When completed, it will prompt that it will shutdown your computer, click OK.
    • Turn your computer back on.
    • Please post the contents of C:\vundofix.txt and a new HijackThis log.
     
  12. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    ok - ran vundofix and heres the new hjt logfile.

    Logfile of HijackThis v1.99.1
    Scan saved at 12:53:13 PM, on 7/21/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\EZ-DUB\EZ-DUB.exe
    C:\Documents and Settings\Christine Moua\Desktop\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
    R3 - Default URLSearchHook is missing
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe /disabled
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [OneTouch Monitor] C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
    O4 - HKCU\..\Run: [warez] "C:\Program Files\Warez P2P Client\warez.exe" -h
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: EZ-DUB Finder.lnk = C:\Program Files\EZ-DUB\EZ-DUB.exe
    O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: FireFly - Unknown owner - C:\Program Files\FireFly\WinDeBug.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
     
  13. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    108,892
     
  14. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    108,892
    Click Start - Run - and type in:

    services.msc

    Click OK.

    In the services window find FireFly.
    Right click and choose "Properties". On the "General" tab under "Service Status" click the "Stop" button to stop the service. Beside "Start-up Type" in the dropdown menu select "Disabled". Click Apply then OK. Exit the Services utility.

    Note: You may get an error here when trying to access the properties of the service. If you do get an error, just select the service and look there in the top left of the main service window and click "Stop" to stop the service. If that gives an error or it is already stopped, just skip this step and proceed with the rest.


    Click Here and download Killbox and save it to your desktop but don’t run it yet.


    Rescan with HijackThis, close all browser windows except HijackThis, put a check mark beside these entries and click fix checked.


    R3 - Default URLSearchHook is missing

    O23 - Service: FireFly - Unknown owner - C:\Program Files\FireFly\WinDeBug.exe


    Then boot to safe mode:


    How to restart to safe mode


    Double-click on Killbox.exe to run it.
    • Put a tick by Standard File Kill.
    • In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time:

      C:\Program Files\FireFly

      C:\Program Files\Save

      C:\Program Files\Air Assault 3D\NNSUNA3_88.exe

      c:\windows\system32\rk.bin

      C:\Documents and Settings\alifcarr\Start Menu\Programs\WhenU

      c:\DriverLoad

    • Click on the button that has the red circle with the X in the middle after you enter each file.
    • It will ask for confirmation to delete the file.
    • Click Yes.
    • Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
    • Killbox may tell you that one or more files do not exist.
    • If that happens, just continue on with all the files. Be sure you don't miss any.
    • Next in Killbox go to Tools > Delete Temp Files
    • In the window that pops up, put a check by ALL the options there except these three:
      • XP Prefetch
      • Recent
      • History
    • Now click the Delete Selected Temp Files button.
    • Exit the Killbox.


    Boot back to Windows normally and post another HijackThis log please.


    You also need to replace your Sun java with newest version. There are more vulnerabilities in the older versions that can be exploited.

    Go to Add/Remove programs and uninstall this:

    Java 2 Runtime Environment, SE v1.4.2


    Now go here and install the latest version of Java.
     
  15. KarmaKitten

    KarmaKitten Thread Starter

    Joined:
    Jul 20, 2006
    Messages:
    14
    Lol. I forgot! Here it is.


    VundoFix V5.1.4

    Checking Java version...

    Java version is 1.4.2.3

    Scan started at 12:35:51 PM 7/21/2006

    Listing files found while scanning....


    VundoFix V5.1.4

    Running as SYSTEM
    from c:\windows\system32\VundoFix.exe

    Checking Java version...

    Java version is 1.4.2.3

    Scan started at 12:37:20 PM 7/21/2006

    Listing files found while scanning....

    C:\WINDOWS\system32\Drivers\DP.sys

    VundoFix V5.1.4

    Running as SYSTEM
    from c:\windows\system32\VundoFix.exe

    Checking Java version...

    Java version is 1.4.2.3

    Scan started at 12:40:01 PM 7/21/2006

    Listing files found while scanning....

    C:\WINDOWS\system32\Drivers\DP.sys

    Beginning removal...

    The process smss.exe was successfully stopped

    The process winlogon.exe was successfully stopped

    The process explorer.exe was successfully stopped

    The process iexplore.exe was successfully stopped

    The process rundll32.exe was successfully stopped

    Attempting to delete C:\WINDOWS\system32\Drivers\DP.sys
    C:\WINDOWS\system32\Drivers\DP.sys Has been deleted!

    Performing Repairs to the registry.
    Done!
     
  16. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    108,892
    That's fine. Please carry on with the rest.
     
  17. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/484860