I need help removing spyw

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

cureforpain

Thread Starter
Joined
Dec 24, 2005
Messages
3
Logfile of HijackThis v1.99.1
Scan saved at 10:04:17 PM, on 12/23/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\CMMan\CMMan.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\wmconnect\wmtray.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\DOCUME~1\Katie\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [irassync] C:\WINDOWS\system32\irasyncd.exe
O4 - HKCU\..\Run: [CMMan] "C:\Program Files\CMMan\CMMan.exe"
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wal-Mart Connect Tray Icon.lnk = C:\Program Files\wmconnect\wmtray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A32AD38-D965-4EAB-B083-29F340D2E18B}: NameServer = 24.92.226.52
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C826328-211B-4C27-8339-85F79BF9621B}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {6793D547-38DD-4325-B35A-F1817EDFA567} - C:\Program Files\CMMan\mfhlp.dll
O20 - AppInit_DLLs: dneaebcl.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\japwxrz.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

This is my hijackthis log... Can someone tell me what I need to do...? My internet is acting funny... :confused:
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Welcome to TSG :)

Click here to download the trial version of Ewido Security Suite:
http://www.ewido.net/en/download/

· Install Ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch ewido.
· It will prompt you to update click the OK button and it will go to the main screen.
· On the left side of the main screen click update.
· Click on Start and let it update.
· DO NOT run a scan yet.

Restart your computer into Safe Mode now.
(Start tapping the F8 key at Startup, before the Windows logo screen).
Perform the following steps in Safe Mode:

* Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK.
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop.

Reboot.

Post a new Hijack This log and the results of the Ewido scan.
 

cureforpain

Thread Starter
Joined
Dec 24, 2005
Messages
3
Thank you for your help. I did as you suggested and this is the report. (It's in 2 because it won't let me submit all of it due to length.)

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 2:08:44 AM, 12/24/2005
+ Report-Checksum: B0C62499

+ Scan result:

:mozilla.12:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.242:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
 

cureforpain

Thread Starter
Joined
Dec 24, 2005
Messages
3
:mozilla.259:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.268:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.270:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.275:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.276:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.277:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.278:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.279:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.281:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.301:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.314:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.315:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.316:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.319:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.360:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.391:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.392:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.405:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.432:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.433:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.436:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.437:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.461:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.462:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.463:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.464:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.466:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.486:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.488:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.489:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.490:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.492:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.497:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.508:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.509:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.510:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.553:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.555:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.557:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
:mozilla.637:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.641:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
:mozilla.672:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.673:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.674:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.690:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.691:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.694:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Casinodelrio : Cleaned with backup
:mozilla.729:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
:mozilla.730:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
:mozilla.731:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
:mozilla.732:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
:mozilla.751:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.752:C:\Documents and Settings\Katie\Application Data\Mozilla\Firefox\Profiles\e2khmhim.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][2].txt -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Katie\Cookies\[email protected][1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Katie\Local Settings\Temp\btnetw3.exe -> Not-A-Virus.Hoax.Win32.SpyWare.b : Cleaned with backup
C:\Program Files\CMMan\CMMan.exe -> Adware.CASClient : Cleaned with backup
C:\WINDOWS\system32\b2search.exe -> Adware.EZula : Cleaned with backup
C:\WINDOWS\system32\rastmon.dll -> Spyware.SafeSurfing : Cleaned with backup




Here is the HighJackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 2:49:50 AM, on 12/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Katie\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [irassync] C:\WINDOWS\system32\irasyncd.exe
O4 - HKCU\..\Run: [CMMan] "C:\Program Files\CMMan\CMMan.exe"
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wal-Mart Connect Tray Icon.lnk = C:\Program Files\wmconnect\wmtray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A32AD38-D965-4EAB-B083-29F340D2E18B}: NameServer = 24.92.226.52
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C826328-211B-4C27-8339-85F79BF9621B}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {6793D547-38DD-4325-B35A-F1817EDFA567} - C:\Program Files\CMMan\mfhlp.dll
O20 - AppInit_DLLs: dneaebcl.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\japwxrz.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
I see that you don't have Hijackthis in a permanent folder. This needs to be done before we "fix" any entries in Hijackthis.
Please download Mosaic1's Move_hijackthis.zip from Here

Choose "Open" from the dialog box.
When the zip opens, you'll see a file named Move hijackthis.vbs in the folder.
Double click on Move hijackthis.vbs to run it.

If you get a warning about a malicious script please ignore that and allow this to run, it is not harmful.

When the script has finished running, it will start Hijackthis from its new location:
C:\Program Files\Hijackthis\hijackthis.exe
the next time you want to run it either go to C:\Program Files\Hijackthis
[or]
Click Start >Run and type hijackthis and press "enter".
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
after you have moved HJT as described above

Download pocket killbox from http://www.thespykiller.co.uk/files/killbox.exe & put it on the desktop where you can find it easily


Now look in add/remove programs in control panel for casino manager & if there remove it

go to start/run and type services.msc press OK
when the screen opens scroll down to Windows Overlay Components right click and select properties and then on that page press stop service and then set the start up type to disabled, press ok a few times to get back to windows

be very careful to get the right one as there are several similar named ones there

now open HJT press config/misc tools and select delete an NT service

paste this into the box & press OK

Windows Overlay Components


Run hijackthis, put a tick in the box beside these entries listed below and ONLY these entries, double check to make sure, then make sure all browser & email windows are closed and press fix checked


O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [irassync] C:\WINDOWS\system32\irasyncd.exe
O4 - HKCU\..\Run: [CMMan] "C:\Program Files\CMMan\CMMan.exe"

O18 - Filter: text/html - {6793D547-38DD-4325-B35A-F1817EDFA567} - C:\Program Files\CMMan\mfhlp.dll
O20 - AppInit_DLLs: dneaebcl.dll
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\japwxrz.exe (file missing)

now Start killbox, go to options on the top bar and make sure remove directories is enabled and remove duplicates is UNCHECKED paste the first file listed below into the full pathname and file to delete box

The file name will appear in the window and if the file exists it will appear in blue under that window then select delete on reboot , press the red X button, say yes to the prompt and NO to reboot now then repeat for each file in turn

[Note: Killbox makes backups of all deleted files & folders in a folder called C:\!killbox ] If Killbox tells you any files are missing don't worry but make a note and let us know in your next reply

C:\WINDOWS\japwxrz.exe
C:\WINDOWS\system32\irasyncd.exe
C:\Program Files\CMMan\CMMan.exe
C:\Program Files\CMMan\mfhlp.dll
C:\WINDOWS\system32\dneaebcl.dll

Then on killbox top bar press tools/delete temp files, in the pop up box in the NT section select temp & temp internet & cookies only and in the 9x section select c:\windows\temp & c:\temp then on the drop down user account box, select your account, then repeat for every user account on the computer

then reboot and when it has rebooted posta fresh HJT log please
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top