1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

HiJack This log for virus/spyware help

Discussion in 'Virus & Other Malware Removal' started by Fankle, Jul 23, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. Fankle

    Fankle Thread Starter

    Joined:
    Jan 6, 2005
    Messages:
    65
    Hello,
    I am posting my hijackthis log with hopes that someone out there can help me. I have not installed anything in the last two days, yet all of a sudden today my computer tried installing a driver for hardware which it didnt get through without a crash. Now I see winlogon.exe in my processes tab in task manager, which I do not ever remember seeing before, signaling a problem. No sooner had I gone suspicious about that, but Symantec antivirus started halting all sorts of things. Right now its got a Dialer.Kotu called srvfxg[1].exe and a trojan horse called srvyal[1].exe. It says quarantine was partiallt successful. I have run spy bot with nothing found, and windows defender has not found anything either. I've updated symantec about 5 mins ago, and it is still saying the same thing. I am running a legal copy of Windows XP Home SP2. I am running ZONELABS Firewall as well as windows firewall. If I can provide anymore information please let me know. This one has got me stumped. Thank you again.
    Here is the hijackthis log:

    Logfile of HijackThis v1.99.1
    Scan saved at 10:13:39 PM, on 7/23/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
    C:\WINDOWS\system32\TFNF5.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ezSP_Px.exe
    C:\WINDOWS\system32\00THotkey.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Documents and Settings\Tom Dunmore II\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    O1 - Hosts: localhost 127.0.0.1
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O6 "USB001" /M "Stylus C84"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
    O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Shortcut to map.lnk = ?
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125480989421
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150256338303
    O20 - AppInit_DLLs: C:\WINDOWS\system32\wmfhotfix.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: winxpn32 - C:\WINDOWS\SYSTEM32\winxpn32.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe (file missing)
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Download the trial version of Ewido Anti-spyware from HERE and save that file to your desktop. When the trial period expires, it becomes freeware with reduced functions but still worth keeping.


    • Once you have downloaded Ewido Anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
    • Once the setup is complete you will need run Ewido and update the definition files.
    • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
    • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
    • Once in the Settings screen click on "Recommended actions" and then select "Quarantine"
    • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"

    Close Ewido Anti-Spyware, DO NOT run a scan yet. We will do that later in Safe Mode.


    • Reboot your computer into Safe Mode now. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
      IMPORTANT: Do not open any other windows or programs while Ewido is scanning as it may interfere with the scanning process:
    • Launch Ewido Anti-spyware by double-clicking the icon on your desktop.
    • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
    • Ewido will now begin the scanning process. Be patient this may take a little time.
      Once the scan is complete do the following:
    • If you have any infections you will prompted, then select "Apply all actions"
    • Next select the "Reports" icon at the top.
    • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
    • Close Ewido and reboot your system back into Normal Mode.


    Run ActiveScan online virus scan: here

    When the scan is finished, save the results from the scan!


    Come back here and post a new Hijack This log along with the logs from the Ewido and Panda scans.
     
  3. Fankle

    Fankle Thread Starter

    Joined:
    Jan 6, 2005
    Messages:
    65
    New information. Apparently I am suffering from a virus with the title win90b.tmp.exe. I only found out because it crashed, and it asked me whether to send a report to microsoft or not, I did of course. I'm running the panda scan now. This information helpful?
     
  4. Fankle

    Fankle Thread Starter

    Joined:
    Jan 6, 2005
    Messages:
    65
    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------
    + Created at: 10:38:25 AM 7/24/2006
    + Scan result:
    C:\Program Files\Image-Line\FL Studio 6\talio.dll -> Downloader.Small : Cleaned with backup (quarantined).
    :mozilla.134:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
    :mozilla.135:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.136:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.137:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.138:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.139:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.140:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.141:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.142:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.143:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.144:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.145:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.146:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.147:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.148:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.149:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.150:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.151:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.152:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.153:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.154:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.155:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.156:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.157:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.158:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.159:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.160:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.161:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.162:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.163:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.184:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.209:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.21:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.22:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.23:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.243:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
    :mozilla.164:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
    :mozilla.165:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
    :mozilla.166:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
    :mozilla.198:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
    :mozilla.185:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.186:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.187:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.188:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.189:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
    :mozilla.310:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    :mozilla.311:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    :mozilla.312:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    :mozilla.313:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
    :mozilla.169:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
    :mozilla.170:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
    :mozilla.10:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.11:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.12:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.13:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.14:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.15:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.16:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.17:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.18:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.8:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
    :mozilla.61:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
    :mozilla.147:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
    :mozilla.173:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
    :mozilla.174:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
    :mozilla.175:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
    :mozilla.176:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
    :mozilla.229:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
    :mozilla.226:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
    :mozilla.227:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
    :mozilla.228:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
    :mozilla.190:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
    :mozilla.213:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    :mozilla.214:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    :mozilla.215:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    :mozilla.216:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    :mozilla.217:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    :mozilla.218:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    :mozilla.42:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    :mozilla.43:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
    :mozilla.24:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    :mozilla.26:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    :mozilla.27:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    :mozilla.28:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    :mozilla.29:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
    :mozilla.20:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
    :mozilla.178:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    :mozilla.219:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
    :mozilla.243:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
    :mozilla.193:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.194:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.195:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.259:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
    :mozilla.260:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    :mozilla.261:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    :mozilla.262:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
    :mozilla.201:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
    :mozilla.92:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    :mozilla.93:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
    :mozilla.71:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
    :mozilla.182:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
    :mozilla.250:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    :mozilla.30:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
    :mozilla.265:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
    :mozilla.208:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.25:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.26:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.27:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.28:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
    :mozilla.181:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.268:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.269:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.270:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.271:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
    :mozilla.66:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.67:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
     
  5. Fankle

    Fankle Thread Starter

    Joined:
    Jan 6, 2005
    Messages:
    65
    :mozilla.68:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.69:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.70:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.71:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.72:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.73:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.73:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.74:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.74:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.75:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.75:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.76:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.76:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.77:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.77:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.78:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.78:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.79:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.79:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.80:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.80:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.81:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.81:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.82:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.83:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.84:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.85:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.86:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.87:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.88:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.89:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
    :mozilla.45:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
    :mozilla.34:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
    :mozilla.35:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
    :mozilla.36:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
    :mozilla.37:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
    :mozilla.39:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
    :mozilla.41:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
    :mozilla.125:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
    :mozilla.127:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
    :mozilla.251:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup (quarantined).
    :mozilla.10:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.11:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.12:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.13:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.14:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.15:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.16:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.17:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.18:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.19:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.20:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.21:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.22:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.23:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.24:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.252:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.253:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.25:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.6:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.7:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.8:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.9:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
    :mozilla.230:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    :mozilla.231:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    :mozilla.283:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    :mozilla.284:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
    :mozilla.222:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
    :mozilla.223:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
    :mozilla.290:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    :mozilla.291:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
    :mozilla.292:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.293:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.294:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.92:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.93:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.94:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.95:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.96:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.97:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.98:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
    :mozilla.255:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
    :mozilla.295:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
    :mozilla.36:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    :mozilla.59:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    :mozilla.60:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    :mozilla.62:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    :mozilla.63:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
    :mozilla.167:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
    :mozilla.99:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
    :mozilla.107:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.108:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.109:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.110:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.111:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.113:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.114:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.115:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.118:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.318:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.319:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.320:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.321:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.322:C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
    :mozilla.120:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.121:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    :mozilla.122:C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
    C:\Program Files\Trillian\Crack.exe -> Trojan.Agent.jh : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\win14.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined).
    C:\WINDOWS\Temp\win9.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined).
    ::Report end

    I had to post in two parts because I apparently went over the character limit.
     
  6. Fankle

    Fankle Thread Starter

    Joined:
    Jan 6, 2005
    Messages:
    65
    This is the panda scan log.


    Incident Status Location

    Adware:adware/winprotect Not disinfected c:\windows\help\SPAlert.chm
    Adware:adware/cws Not disinfected c:\documents and settings\all users\favorites\Online Pharmacy
    Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.bravenet.com/]
    Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.go.com/]
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.atwola.com/]
    Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.ct.360i.com/]
    Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.did-it.com/]
    Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.entrepreneur.com/]
    Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.fortunecity.com/]
    Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.maxserving.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.realmedia.com/]
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[.xiti.com/]
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[searchportal.information.com/]
    Spyware:Cookie/Buzztone Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Mozilla\Firefox\Profiles\6qee6xk2.default\cookies.txt[www.buzztone.com/]
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt[.atwola.com/]
    Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt[.maxserving.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Tom Dunmore II\Application Data\Netscape\NSB\Profiles\f33kri8w.default\cookies.txt[.realmedia.com/]
     
  7. Fankle

    Fankle Thread Starter

    Joined:
    Jan 6, 2005
    Messages:
    65
    Here is the new HIJackThis Log:
    Logfile of HijackThis v1.99.1
    Scan saved at 11:43:07 AM, on 7/24/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
    C:\WINDOWS\system32\TFNF5.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ezSP_Px.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\00THotkey.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Tom Dunmore II\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    O1 - Hosts: localhost 127.0.0.1
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O6 "USB001" /M "Stylus C84"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
    O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Shortcut to map.lnk = ?
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125480989421
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150256338303
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O20 - AppInit_DLLs: C:\WINDOWS\system32\wmfhotfix.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: winxpn32 - C:\WINDOWS\SYSTEM32\winxpn32.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe (file missing)
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
  8. Fankle

    Fankle Thread Starter

    Joined:
    Jan 6, 2005
    Messages:
    65
    Can someone check out line O20 - Winlogon Notify: winxpn32 - C:\WINDOWS\SYSTEM32\winxpn32.dll? Is this the culprit, its the only one so far that doesn't have a microsoft title.
     
  9. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Rescan with Hijack This.
    Close all browser windows except Hijack This.
    Put a check mark beside these entries and click "Fix Checked".

    O20 - Winlogon Notify: winxpn32 - C:\WINDOWS\SYSTEM32\winxpn32.dll

    Close Hijack This.

    Please download the Killbox by Option^Explicit.

    Note: In the event you already have Killbox, this is a new version that I need you to download.
    • Save it to your desktop.
    • Please double-click Killbox.exe to run it.
    • Select:
      • Delete on Reboot
      • then Click on the All Files button.
    • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):


      C:\WINDOWS\SYSTEM32\winxpn32.dll

    • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
    • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

    If your computer does not restart automatically, please restart it manually.

    If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.

    Post a new Hijack This log.
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/485794

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice