GrumpyHermit
Thread Starter
- Joined
- May 23, 2004
- Messages
- 464
Log of Hijack This!
Logfile of HijackThis v1.99.1
Scan saved at 3:32:07 PM, on 7/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Documents and Settings\Bob Evans\My Documents\Program Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.accuradio.com
O15 - Trusted Zone: *.akamai.net
O15 - Trusted Zone: rainweb2.streamguys.com
O15 - Trusted Zone: *.yimg.com
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1093028462573
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133357826917
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
====================================================
Webroot SpySweeper results:
********
2:21 PM: | Start of Session, Wednesday, July 12, 2006 |
2:21 PM: Spy Sweeper started
2:21 PM: Sweep initiated using definitions version 717
2:21 PM: Starting Memory Sweep
2:24 PM: Memory Sweep Complete, Elapsed Time: 00:03:27
2:24 PM: Starting Registry Sweep
2:25 PM: Registry Sweep Complete, Elapsed Time:00:00:09
2:25 PM: Starting Cookie Sweep
2:25 PM: Found Spy Cookie: websponsors cookie
2:25 PM: karen [email protected][2].txt (ID = 3665)
2:25 PM: Found Spy Cookie: go.com cookie
2:25 PM: karen [email protected][2].txt (ID = 2729)
2:25 PM: Found Spy Cookie: ask cookie
2:25 PM: karen [email protected][2].txt (ID = 2245)
2:25 PM: Found Spy Cookie: atwola cookie
2:25 PM: karen [email protected][1].txt (ID = 2255)
2:25 PM: Found Spy Cookie: bizrate cookie
2:25 PM: karen [email protected][2].txt (ID = 2308)
2:25 PM: Found Spy Cookie: columbiahouse cookie
2:25 PM: karen [email protected][1].txt (ID = 2443)
2:25 PM: Found Spy Cookie: coolsavings cookie
2:25 PM: karen [email protected][2].txt (ID = 2465)
2:25 PM: Found Spy Cookie: 360i cookie
2:25 PM: karen [email protected][2].txt (ID = 1962)
2:25 PM: Found Spy Cookie: dealtime cookie
2:25 PM: karen [email protected][1].txt (ID = 2505)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: karen [email protected][2].txt (ID = 2728)
2:25 PM: Found Spy Cookie: ic-live cookie
2:25 PM: karen [email protected][1].txt (ID = 2821)
2:25 PM: Found Spy Cookie: sb01 cookie
2:25 PM: karen [email protected][2].txt (ID = 3288)
2:25 PM: Found Spy Cookie: metareward.com cookie
2:25 PM: karen [email protected][1].txt (ID = 2990)
2:25 PM: Found Spy Cookie: nextag cookie
2:25 PM: karen [email protected][2].txt (ID = 5014)
2:25 PM: Found Spy Cookie: one-time-offer cookie
2:25 PM: karen [email protected][1].txt (ID = 3095)
2:25 PM: Found Spy Cookie: pub cookie
2:25 PM: karen [email protected][1].txt (ID = 3205)
2:25 PM: Found Spy Cookie: realmedia cookie
2:25 PM: karen [email protected][2].txt (ID = 3235)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: Found Spy Cookie: reunion cookie
2:25 PM: karen [email protected][2].txt (ID = 3255)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: Found Spy Cookie: pch cookie
2:25 PM: karen [email protected][2].txt (ID = 3124)
2:25 PM: karen [email protected][1].txt (ID = 2506)
2:25 PM: Found Spy Cookie: megago cookie
2:25 PM: karen [email protected][1].txt (ID = 2983)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: Found Spy Cookie: clickxchange adware cookie
2:25 PM: karen [email protected][1].txt (ID = 2409)
2:25 PM: Found Spy Cookie: tendollars cookie
2:25 PM: karen [email protected][1].txt (ID = 6367)
2:25 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
2:25 PM: Starting File Sweep
2:50 PM: Warning: Invalid file - not a PKZip file
2:50 PM: Warning: Invalid file - not a PKZip file
2:50 PM: Warning: Invalid Stream
2:50 PM: Warning: Invalid Stream
2:50 PM: File Sweep Complete, Elapsed Time: 00:25:33
2:50 PM: Full Sweep has completed. Elapsed time 00:29:17
2:50 PM: Traces Found: 28
2:52 PM: Removal process initiated
2:52 PM: Quarantining All Traces: 360i cookie
2:52 PM: Quarantining All Traces: ask cookie
2:52 PM: Quarantining All Traces: atwola cookie
2:52 PM: Quarantining All Traces: bizrate cookie
2:52 PM: Quarantining All Traces: clickxchange adware cookie
2:52 PM: Quarantining All Traces: columbiahouse cookie
2:52 PM: Quarantining All Traces: coolsavings cookie
2:52 PM: Quarantining All Traces: dealtime cookie
2:52 PM: Quarantining All Traces: go.com cookie
2:52 PM: Quarantining All Traces: ic-live cookie
2:52 PM: Quarantining All Traces: megago cookie
2:52 PM: Quarantining All Traces: metareward.com cookie
2:52 PM: Quarantining All Traces: nextag cookie
2:52 PM: Quarantining All Traces: one-time-offer cookie
2:52 PM: Quarantining All Traces: pch cookie
2:52 PM: Quarantining All Traces: pub cookie
2:52 PM: Quarantining All Traces: realmedia cookie
2:52 PM: Quarantining All Traces: reunion cookie
2:52 PM: Quarantining All Traces: sb01 cookie
2:52 PM: Quarantining All Traces: tendollars cookie
2:52 PM: Quarantining All Traces: websponsors cookie
2:52 PM: Removal process completed. Elapsed time 00:00:04
********
2:19 PM: | Start of Session, Wednesday, July 12, 2006 |
2:19 PM: Spy Sweeper started
2:20 PM: Your spyware definitions have been updated.
2:21 PM: | End of Session, Wednesday, July 12, 2006 |
====================================================
Panda ActiveScan results:
Incident Status Location
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.statcounter.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.realmedia.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.go.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.apmebf.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.bravenet.com/]
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.anm.co.uk/]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Bob Evans\Desktop\Unused Desktop Shortcuts\VundoFix\VundoFix\process.exe
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Karen King\Cookies\karen [email protected][2].txt
===============================================
I did an Ewido scan and got some stuff out too, but forgot to save a report of that one, sorry.
Any Help appreciated.
Logfile of HijackThis v1.99.1
Scan saved at 3:32:07 PM, on 7/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Documents and Settings\Bob Evans\My Documents\Program Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.accuradio.com
O15 - Trusted Zone: *.akamai.net
O15 - Trusted Zone: rainweb2.streamguys.com
O15 - Trusted Zone: *.yimg.com
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1093028462573
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133357826917
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
====================================================
Webroot SpySweeper results:
********
2:21 PM: | Start of Session, Wednesday, July 12, 2006 |
2:21 PM: Spy Sweeper started
2:21 PM: Sweep initiated using definitions version 717
2:21 PM: Starting Memory Sweep
2:24 PM: Memory Sweep Complete, Elapsed Time: 00:03:27
2:24 PM: Starting Registry Sweep
2:25 PM: Registry Sweep Complete, Elapsed Time:00:00:09
2:25 PM: Starting Cookie Sweep
2:25 PM: Found Spy Cookie: websponsors cookie
2:25 PM: karen [email protected][2].txt (ID = 3665)
2:25 PM: Found Spy Cookie: go.com cookie
2:25 PM: karen [email protected][2].txt (ID = 2729)
2:25 PM: Found Spy Cookie: ask cookie
2:25 PM: karen [email protected][2].txt (ID = 2245)
2:25 PM: Found Spy Cookie: atwola cookie
2:25 PM: karen [email protected][1].txt (ID = 2255)
2:25 PM: Found Spy Cookie: bizrate cookie
2:25 PM: karen [email protected][2].txt (ID = 2308)
2:25 PM: Found Spy Cookie: columbiahouse cookie
2:25 PM: karen [email protected][1].txt (ID = 2443)
2:25 PM: Found Spy Cookie: coolsavings cookie
2:25 PM: karen [email protected][2].txt (ID = 2465)
2:25 PM: Found Spy Cookie: 360i cookie
2:25 PM: karen [email protected][2].txt (ID = 1962)
2:25 PM: Found Spy Cookie: dealtime cookie
2:25 PM: karen [email protected][1].txt (ID = 2505)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: karen [email protected][2].txt (ID = 2728)
2:25 PM: Found Spy Cookie: ic-live cookie
2:25 PM: karen [email protected][1].txt (ID = 2821)
2:25 PM: Found Spy Cookie: sb01 cookie
2:25 PM: karen [email protected][2].txt (ID = 3288)
2:25 PM: Found Spy Cookie: metareward.com cookie
2:25 PM: karen [email protected][1].txt (ID = 2990)
2:25 PM: Found Spy Cookie: nextag cookie
2:25 PM: karen [email protected][2].txt (ID = 5014)
2:25 PM: Found Spy Cookie: one-time-offer cookie
2:25 PM: karen [email protected][1].txt (ID = 3095)
2:25 PM: Found Spy Cookie: pub cookie
2:25 PM: karen [email protected][1].txt (ID = 3205)
2:25 PM: Found Spy Cookie: realmedia cookie
2:25 PM: karen [email protected][2].txt (ID = 3235)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: Found Spy Cookie: reunion cookie
2:25 PM: karen [email protected][2].txt (ID = 3255)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: Found Spy Cookie: pch cookie
2:25 PM: karen [email protected][2].txt (ID = 3124)
2:25 PM: karen [email protected][1].txt (ID = 2506)
2:25 PM: Found Spy Cookie: megago cookie
2:25 PM: karen [email protected][1].txt (ID = 2983)
2:25 PM: karen [email protected][1].txt (ID = 2729)
2:25 PM: Found Spy Cookie: clickxchange adware cookie
2:25 PM: karen [email protected][1].txt (ID = 2409)
2:25 PM: Found Spy Cookie: tendollars cookie
2:25 PM: karen [email protected][1].txt (ID = 6367)
2:25 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
2:25 PM: Starting File Sweep
2:50 PM: Warning: Invalid file - not a PKZip file
2:50 PM: Warning: Invalid file - not a PKZip file
2:50 PM: Warning: Invalid Stream
2:50 PM: Warning: Invalid Stream
2:50 PM: File Sweep Complete, Elapsed Time: 00:25:33
2:50 PM: Full Sweep has completed. Elapsed time 00:29:17
2:50 PM: Traces Found: 28
2:52 PM: Removal process initiated
2:52 PM: Quarantining All Traces: 360i cookie
2:52 PM: Quarantining All Traces: ask cookie
2:52 PM: Quarantining All Traces: atwola cookie
2:52 PM: Quarantining All Traces: bizrate cookie
2:52 PM: Quarantining All Traces: clickxchange adware cookie
2:52 PM: Quarantining All Traces: columbiahouse cookie
2:52 PM: Quarantining All Traces: coolsavings cookie
2:52 PM: Quarantining All Traces: dealtime cookie
2:52 PM: Quarantining All Traces: go.com cookie
2:52 PM: Quarantining All Traces: ic-live cookie
2:52 PM: Quarantining All Traces: megago cookie
2:52 PM: Quarantining All Traces: metareward.com cookie
2:52 PM: Quarantining All Traces: nextag cookie
2:52 PM: Quarantining All Traces: one-time-offer cookie
2:52 PM: Quarantining All Traces: pch cookie
2:52 PM: Quarantining All Traces: pub cookie
2:52 PM: Quarantining All Traces: realmedia cookie
2:52 PM: Quarantining All Traces: reunion cookie
2:52 PM: Quarantining All Traces: sb01 cookie
2:52 PM: Quarantining All Traces: tendollars cookie
2:52 PM: Quarantining All Traces: websponsors cookie
2:52 PM: Removal process completed. Elapsed time 00:00:04
********
2:19 PM: | Start of Session, Wednesday, July 12, 2006 |
2:19 PM: Spy Sweeper started
2:20 PM: Your spyware definitions have been updated.
2:21 PM: | End of Session, Wednesday, July 12, 2006 |
====================================================
Panda ActiveScan results:
Incident Status Location
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.statcounter.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.realmedia.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.go.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.apmebf.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.bravenet.com/]
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Bob Evans\Application Data\Mozilla\Firefox\Profiles\default.di4\cookies.txt[.anm.co.uk/]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Bob Evans\Desktop\Unused Desktop Shortcuts\VundoFix\VundoFix\process.exe
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Karen King\Cookies\karen [email protected][2].txt
===============================================
I did an Ewido scan and got some stuff out too, but forgot to save a report of that one, sorry.
Any Help appreciated.