Solved: Slow web surfing and PC slow in general

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
Hi,
My PC has slowed to a crawl in the past few weeks. About six months ago I got highspeed cable connection and it was very fast, not now tough. :confused:

I read through a bunch of threads and know it all starts with the HJT log, so here it is. Thanks in advance for your efforts.

Regards,
wmac

Logfile of HijackThis v1.99.1
Scan saved at 9:09:14 PM, on 7/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\nvsvc32.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\devldr32.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe
C:\Program Files\HijackThis\hijackthis\HijackThis.exe
C:\Windows\system32\taskmgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: AIMSite Class - {D70E6A20-7060-4829-B3D7-B6624A1DE7C6} - C:\Program Files\AIM Toolbar\aimhelper.dll (file missing)
O3 - Toolbar: FingerSystem IE Memo - {8D13872E-6174-49C1-B8D2-793F90CCAFAC} - C:\Program Files\Finger System Inc\Fingersystem Ipen Driver\FGIeMemo.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft WinSound] mkyxcghm.exe
O4 - HKLM\..\Run: [GGZcJAf] C:\documents and settings\heidi macmanus\local settings\temp\GGZcJAf.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [Microsoft WinUpdate] qjabssbvox.exe
O4 - HKLM\..\RunServices: [Windows Messenger] msmsgs.exe
O4 - HKLM\..\RunServices: [Microsoft WinSound] mkyxcghm.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft WinSound] mkyxcghm.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com.library.esc.edu/support/plugins/ebraryRdr.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/tgctlcm.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/17362e5515f8649b7819/netzip/RdxIE601.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Extern/RoadRunner/PestScan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Microsoft Interactive Training\O10C\mitm0026.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.riteaid.com/control/RiteAidOneHourPhotoOnline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} (CPostLaunch Object) - http://www2.verizon.net/update/msnwebinstall/includes/vzWebIns.CAB
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/shpo/default/shapo.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} -
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O20 - Winlogon Notify: WgaLogon - C:\Windows\SYSTEM32\WgaLogon.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: WinPPPoverEthernet - Unknown owner - C:\Program Files\Verizon Online\WinPoET\WrOS.EXE (file missing)
 
Joined
Sep 7, 2004
Messages
49,014
Go to the link below and download the trial version of SpySweeper:

SpySweeper http://www.webroot.com/consumer/products/spysweeper/index.html?acode=af1&rc=4129&ac=tsg

* Click the Free Trial link under "SpySweeper" to download the program.
* Install it. Once the program is installed, it will open.
* It will prompt you to update to the latest definitions, click Yes.
* Once the definitions are installed, click Options on the left side.
* Click the Sweep Options tab.
* Under What to Sweep please put a check next to the following:
o Sweep Memory
o Sweep Registry
o Sweep Cookies
o Sweep All User Accounts
o Enable Direct Disk Sweeping
o Sweep Contents of Compressed Files
o Sweep for Rootkits

o Please UNCHECK Do not Sweep System Restore Folder.

* Click Sweep Now on the left side.
* Click the Start button.
* When it's done scanning, click the Next button.
* Make sure everything has a check next to it, then click the Next button.
* It will remove all of the items found.
* Click Session Log in the upper right corner, copy everything in that window.
* Click the Summary tab and click Finish.
* Paste the contents of the session log you copied into your next reply.
Also post a new Hijack This log.
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
Hi MFDnSC,
The Spy Sweeper log is longer than 30000 characters so it will not let me post it in one piece. I will break it into two posts and reference each piece as 'Spy Sweeper log 060730 part 1' and 'Spy Sweeper log 060730 part 2'. Third I will post the HJT log. Thanks.

Regards,
wmac
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
Spy Sweeper log 060730 part 1:

12:42 PM: Removal process completed. Elapsed time 00:00:39
12:42 PM: Quarantining All Traces: ysbweb cookie
12:42 PM: Quarantining All Traces: sidefind cookie
12:42 PM: Quarantining All Traces: toprebates.com cookie
12:42 PM: Quarantining All Traces: xxxtoolbar cookie
12:42 PM: Quarantining All Traces: adserver cookie
12:42 PM: Quarantining All Traces: valuead cookie
12:42 PM: Quarantining All Traces: coremetrics cookie
12:42 PM: Quarantining All Traces: trafficmp cookie
12:42 PM: Quarantining All Traces: tradedoubler cookie
12:42 PM: Quarantining All Traces: clicktracks cookie
12:42 PM: Quarantining All Traces: statcounter cookie
12:42 PM: Quarantining All Traces: mediaplex cookie
12:42 PM: Quarantining All Traces: linksynergy cookie
12:42 PM: Quarantining All Traces: centrport net cookie
12:42 PM: Quarantining All Traces: zedo cookie
12:42 PM: Quarantining All Traces: bluestreak cookie
12:42 PM: Quarantining All Traces: falkag cookie
12:42 PM: Quarantining All Traces: advertising cookie
12:42 PM: Quarantining All Traces: pointroll cookie
12:42 PM: Quarantining All Traces: addynamix cookie
12:42 PM: Quarantining All Traces: 247realmedia cookie
12:42 PM: Quarantining All Traces: webtrendslive cookie
12:42 PM: Quarantining All Traces: atlas dmt cookie
12:42 PM: Quarantining All Traces: xren_cj cookie
12:42 PM: Quarantining All Traces: xiti cookie
12:42 PM: Quarantining All Traces: claxonmedia cookie
12:42 PM: Quarantining All Traces: wirefly cookie
12:42 PM: Quarantining All Traces: screensavers.com cookie
12:42 PM: Quarantining All Traces: redzip cookie
12:42 PM: Quarantining All Traces: freepassbucks cookie
12:42 PM: Quarantining All Traces: burstbeacon cookie
12:42 PM: Quarantining All Traces: webpower cookie
12:42 PM: Quarantining All Traces: videodome cookie
12:42 PM: Quarantining All Traces: uproar cookie
12:42 PM: Quarantining All Traces: reliablestats cookie
12:42 PM: Quarantining All Traces: dealtime cookie
12:42 PM: Quarantining All Traces: serving-sys cookie
12:42 PM: Quarantining All Traces: web-stat cookie
12:42 PM: Quarantining All Traces: adjuggler cookie
12:42 PM: Quarantining All Traces: directtrack cookie
12:42 PM: Quarantining All Traces: questionmarket cookie
12:42 PM: Quarantining All Traces: partypoker cookie
12:42 PM: Quarantining All Traces: outster cookie
12:42 PM: Quarantining All Traces: offeroptimizer cookie
12:42 PM: Quarantining All Traces: nextag cookie
12:42 PM: Quarantining All Traces: realmedia cookie
12:42 PM: Quarantining All Traces: aptimus cookie
12:42 PM: Quarantining All Traces: mygeek cookie
12:42 PM: Quarantining All Traces: military cookie
12:42 PM: Quarantining All Traces: adrevolver cookie
12:42 PM: Quarantining All Traces: webtrends cookie
12:42 PM: Quarantining All Traces: kmpads cookie
12:42 PM: Quarantining All Traces: kinghost cookie
12:42 PM: Quarantining All Traces: sb01 cookie
12:42 PM: Quarantining All Traces: inqwire cookie
12:42 PM: Quarantining All Traces: infospace cookie
12:42 PM: Quarantining All Traces: imlive.com cookie
12:42 PM: Quarantining All Traces: ic-live cookie
12:42 PM: Quarantining All Traces: hypertracker.com cookie
12:42 PM: Quarantining All Traces: homestore cookie
12:42 PM: Quarantining All Traces: clickandtrack cookie
12:42 PM: Quarantining All Traces: starware.com cookie
12:42 PM: Quarantining All Traces: goldenpalace cookie
12:42 PM: Quarantining All Traces: wegcash cookie
12:42 PM: Quarantining All Traces: fastclick cookie
12:42 PM: Quarantining All Traces: ru4 cookie
12:42 PM: Quarantining All Traces: did-it cookie
12:42 PM: Quarantining All Traces: overture cookie
12:42 PM: Quarantining All Traces: clickzs cookie
12:42 PM: Quarantining All Traces: paypopup cookie
12:42 PM: Quarantining All Traces: exitexchange cookie
12:42 PM: Quarantining All Traces: coolsavings cookie
12:42 PM: Quarantining All Traces: classmates cookie
12:42 PM: Quarantining All Traces: ccbill cookie
12:42 PM: Quarantining All Traces: cassava cookie
12:42 PM: Quarantining All Traces: enhance cookie
12:42 PM: Quarantining All Traces: burstnet cookie
12:42 PM: Quarantining All Traces: bizrate cookie
12:42 PM: Quarantining All Traces: bannerspace cookie
12:42 PM: Quarantining All Traces: azjmp cookie
12:42 PM: Quarantining All Traces: atwola cookie
12:42 PM: Quarantining All Traces: belnk cookie
12:42 PM: Quarantining All Traces: ask cookie
12:42 PM: Quarantining All Traces: askmen cookie
12:42 PM: Quarantining All Traces: casalemedia cookie
12:42 PM: Quarantining All Traces: tacoda cookie
12:42 PM: Quarantining All Traces: reunion cookie
12:42 PM: Quarantining All Traces: primaryads cookie
12:42 PM: Quarantining All Traces: adultrevenueservice cookie
12:42 PM: Quarantining All Traces: adultfriendfinder cookie
12:42 PM: Quarantining All Traces: cc214142 cookie
12:42 PM: Quarantining All Traces: specificclick.com cookie
12:42 PM: Quarantining All Traces: hotbar cookie
12:42 PM: Quarantining All Traces: hbmediapro cookie
12:42 PM: Quarantining All Traces: adlegend cookie
12:42 PM: Quarantining All Traces: adknowledge cookie
12:42 PM: Quarantining All Traces: adecn cookie
12:42 PM: Quarantining All Traces: yieldmanager cookie
12:42 PM: Quarantining All Traces: about cookie
12:42 PM: Quarantining All Traces: go.com cookie
12:42 PM: Quarantining All Traces: websponsors cookie
12:42 PM: Quarantining All Traces: tribalfusion cookie
12:42 PM: Quarantining All Traces: 888 cookie
12:42 PM: Quarantining All Traces: 2o7.net cookie
12:42 PM: Quarantining All Traces: ist powerscan
12:42 PM: Quarantining All Traces: wildmedia
12:41 PM: Removal process initiated
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
Spy Sweeper log 060730 part 2:

12:35 PM: Traces Found: 205
12:35 PM: Full Sweep has completed. Elapsed time 00:32:16
12:35 PM: File Sweep Complete, Elapsed Time: 00:28:38
12:28 PM: Warning: Failed to access drive E:
12:28 PM: Warning: Failed to access drive D:
12:27 PM: Warning: Failed to open file "c:\windows\temp\sqlite_kegyez1nfhzzxvv". The operation completed successfully
12:27 PM: Warning: Failed to open file "c:\windows\temp\sqlite_lge37vcwv1nmmhv". The operation completed successfully
12:27 PM: C:\Power Scan\Power Scan.lnk (ID = 72676)
12:27 PM: Found Adware: ist powerscan
12:07 PM: Starting File Sweep
12:07 PM: Warning: Failed to access drive A:
12:07 PM: Cookie Sweep Complete, Elapsed Time: 00:00:12
12:07 PM: c:\documents and settings\localservice\cookies\[email protected][2].txt (ID = 3756)
12:07 PM: Found Spy Cookie: ysbweb cookie
12:07 PM: c:\documents and settings\localservice\cookies\[email protected][1].txt (ID = 3740)
12:07 PM: c:\documents and settings\localservice\cookies\[email protected][2].txt (ID = 3374)
12:07 PM: Found Spy Cookie: sidefind cookie
12:07 PM: c:\documents and settings\localservice\cookies\[email protected][2].txt (ID = 3561)
12:07 PM: Found Spy Cookie: toprebates.com cookie
12:07 PM: c:\documents and settings\localservice\cookies\[email protected][1].txt (ID = 3740)
12:07 PM: Found Spy Cookie: xxxtoolbar cookie
12:07 PM: c:\documents and settings\wyatt macmanus\cookies\[email protected][1].txt (ID = 3447)
12:07 PM: c:\documents and settings\wyatt macmanus\cookies\[email protected][1].txt (ID = 2284)
12:07 PM: c:\documents and settings\wyatt macmanus\cookies\[email protected][2].txt (ID = 3665)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3762)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2142)
12:07 PM: Found Spy Cookie: adserver cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2337)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2335)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 3627)
12:07 PM: Found Spy Cookie: valuead cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2472)
12:07 PM: Found Spy Cookie: coremetrics cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3589)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3581)
12:07 PM: Found Spy Cookie: trafficmp cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 3575)
12:07 PM: Found Spy Cookie: tradedoubler cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 6444)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3667)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2407)
12:07 PM: Found Spy Cookie: clicktracks cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3447)
12:07 PM: Found Spy Cookie: statcounter cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 3343)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 3235)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3217)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3106)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 3105)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3087)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 5014)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 6442)
12:07 PM: Found Spy Cookie: mediaplex cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][3].txt (ID = 2089)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2089)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3669)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2926)
12:07 PM: Found Spy Cookie: linksynergy cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2909)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2728)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2651)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3269)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3106)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3106)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2374)
12:07 PM: Found Spy Cookie: centrport net cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2354)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3763)
12:07 PM: Found Spy Cookie: zedo cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2336)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2314)
12:07 PM: Found Spy Cookie: bluestreak cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2292)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2255)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2253)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2245)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2355)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2650)
12:07 PM: Found Spy Cookie: falkag cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2175)
12:07 PM: Found Spy Cookie: advertising cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 3148)
12:07 PM: Found Spy Cookie: pointroll cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2062)
12:07 PM: Found Spy Cookie: addynamix cookie
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2088)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3400)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2768)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2072)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 3751)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 1957)
12:07 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 1953)
12:07 PM: Found Spy Cookie: 247realmedia cookie
12:07 PM: c:\documents and settings\the real boss\cookies\[email protected][2].txt (ID = 3667)
12:07 PM: Found Spy Cookie: webtrendslive cookie
12:07 PM: c:\documents and settings\the real boss\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\the real boss\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\the real boss\cookies\[email protected][2].txt (ID = 3669)
12:07 PM: c:\documents and settings\the real boss\cookies\[email protected][2].txt (ID = 2253)
12:07 PM: Found Spy Cookie: atlas dmt cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3749)
12:07 PM: c:\documents and settings\guest\cookies\[email protected]_cj[2].txt (ID = 3723)
12:07 PM: Found Spy Cookie: xren_cj cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3717)
12:07 PM: Found Spy Cookie: xiti cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2389)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2388)
12:07 PM: Found Spy Cookie: claxonmedia cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3694)
12:07 PM: Found Spy Cookie: wirefly cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3298)
12:07 PM: Found Spy Cookie: screensavers.com cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3256)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3250)
12:07 PM: Found Spy Cookie: redzip cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2702)
12:07 PM: Found Spy Cookie: freepassbucks cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2729)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2337)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2335)
12:07 PM: Found Spy Cookie: burstbeacon cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3660)
12:07 PM: Found Spy Cookie: webpower cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2413)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3638)
12:07 PM: Found Spy Cookie: videodome cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3612)
12:07 PM: Found Spy Cookie: uproar cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3442)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 6444)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3254)
12:07 PM: Found Spy Cookie: reliablestats cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2506)
12:07 PM: Found Spy Cookie: dealtime cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3343)
12:07 PM: Found Spy Cookie: serving-sys cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3649)
12:07 PM: Found Spy Cookie: web-stat cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2729)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2729)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2309)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2071)
12:07 PM: Found Spy Cookie: adjuggler cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3255)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2528)
12:07 PM: Found Spy Cookie: directtrack cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3217)
12:07 PM: Found Spy Cookie: questionmarket cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3682)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2844)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3111)
12:07 PM: Found Spy Cookie: partypoker cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3103)
12:07 PM: Found Spy Cookie: outster cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3087)
12:07 PM: Found Spy Cookie: offeroptimizer cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 5014)
12:07 PM: Found Spy Cookie: nextag cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3236)
12:07 PM: Found Spy Cookie: realmedia cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2235)
12:07 PM: Found Spy Cookie: aptimus cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3041)
12:07 PM: Found Spy Cookie: mygeek cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2996)
12:07 PM: Found Spy Cookie: military cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2089)
12:07 PM: Found Spy Cookie: adrevolver cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3669)
12:07 PM: Found Spy Cookie: webtrends cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2909)
12:07 PM: Found Spy Cookie: kmpads cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2903)
12:07 PM: Found Spy Cookie: kinghost cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3288)
12:07 PM: Found Spy Cookie: sb01 cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2867)
12:07 PM: Found Spy Cookie: inqwire cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2865)
12:07 PM: Found Spy Cookie: infospace cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2843)
12:07 PM: Found Spy Cookie: imlive.com cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2821)
12:07 PM: Found Spy Cookie: ic-live cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2817)
12:07 PM: Found Spy Cookie: hypertracker.com cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2793)
12:07 PM: Found Spy Cookie: homestore cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2397)
12:07 PM: Found Spy Cookie: clickandtrack cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3442)
12:07 PM: Found Spy Cookie: starware.com cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2728)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2728)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2734)
12:07 PM: Found Spy Cookie: goldenpalace cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3682)
12:07 PM: Found Spy Cookie: wegcash cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2651)
12:07 PM: Found Spy Cookie: fastclick cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2633)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3269)
12:07 PM: Found Spy Cookie: ru4 cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2293)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2729)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2523)
12:07 PM: Found Spy Cookie: did-it cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3106)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3106)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3106)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3106)
12:07 PM: Found Spy Cookie: overture cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2413)
12:07 PM: Found Spy Cookie: clickzs cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3120)
12:07 PM: Found Spy Cookie: paypopup cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2634)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2634)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2634)
12:07 PM: Found Spy Cookie: exitexchange cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2465)
12:07 PM: Found Spy Cookie: coolsavings cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2384)
12:07 PM: Found Spy Cookie: classmates cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2369)
12:07 PM: Found Spy Cookie: ccbill cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2362)
12:07 PM: Found Spy Cookie: cassava cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2354)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2614)
12:07 PM: Found Spy Cookie: enhance cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2336)
12:07 PM: Found Spy Cookie: burstnet cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2308)
12:07 PM: Found Spy Cookie: bizrate cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2292)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2038)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2284)
12:07 PM: Found Spy Cookie: bannerspace cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2270)
12:07 PM: Found Spy Cookie: azjmp cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2255)
12:07 PM: Found Spy Cookie: atwola cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2293)
12:07 PM: Found Spy Cookie: belnk cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2245)
12:07 PM: Found Spy Cookie: ask cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2247)
12:07 PM: Found Spy Cookie: askmen cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2355)
12:07 PM: Found Spy Cookie: casalemedia cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 6445)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 6445)
12:07 PM: Found Spy Cookie: tacoda cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3256)
12:07 PM: Found Spy Cookie: reunion cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 3190)
12:07 PM: Found Spy Cookie: primaryads cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2167)
12:07 PM: Found Spy Cookie: adultrevenueservice cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2165)
12:07 PM: Found Spy Cookie: adultfriendfinder cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2367)
12:07 PM: Found Spy Cookie: cc214142 cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3400)
12:07 PM: Found Spy Cookie: specificclick.com cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 4207)
12:07 PM: Found Spy Cookie: hotbar cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2768)
12:07 PM: Found Spy Cookie: hbmediapro cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2074)
12:07 PM: Found Spy Cookie: adlegend cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2072)
12:07 PM: Found Spy Cookie: adknowledge cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2063)
12:07 PM: Found Spy Cookie: adecn cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1958)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3751)
12:07 PM: Found Spy Cookie: yieldmanager cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2037)
12:07 PM: Found Spy Cookie: about cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2729)
12:07 PM: Found Spy Cookie: go.com cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3665)
12:07 PM: Found Spy Cookie: websponsors cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 3590)
12:07 PM: Found Spy Cookie: tribalfusion cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][2].txt (ID = 2019)
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 2019)
12:07 PM: Found Spy Cookie: 888 cookie
12:07 PM: c:\documents and settings\guest\cookies\[email protected][1].txt (ID = 1957)
12:07 PM: Found Spy Cookie: 2o7.net cookie
12:07 PM: Starting Cookie Sweep
12:06 PM: Registry Sweep Complete, Elapsed Time:00:00:39
12:06 PM: HKLM\software\classes\interface\{851f86c9-d3cc-4574-93f5-40e2d65159e4}\ (ID = 146709)
12:06 PM: HKCR\interface\{851f86c9-d3cc-4574-93f5-40e2d65159e4}\ (ID = 146695)
12:06 PM: Found Adware: wildmedia
12:06 PM: Starting Registry Sweep
12:06 PM: Memory Sweep Complete, Elapsed Time: 00:02:26
12:03 PM: Starting Memory Sweep
12:03 PM: Sweep initiated using definitions version 691
12:03 PM: Spy Sweeper 5.0.5.1286 started
12:03 PM: | Start of Session, Sunday, July 30, 2006 |
********
12:03 PM: | End of Session, Sunday, July 30, 2006 |
11:57 AM: BHO Shield: found: -- BHO installation allowed at user request
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
11:56 AM: Shield States
11:56 AM: Spyware Definitions: 691
11:55 AM: Spy Sweeper 5.0.5.1286 started
11:55 AM: Spy Sweeper 5.0.5.1286 started
11:55 AM: | Start of Session, Sunday, July 30, 2006 |
********
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
HJT log 060730 - complete:

Logfile of HijackThis v1.99.1
Scan saved at 12:45:42 PM, on 7/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\devldr32.exe
C:\Windows\system32\nvsvc32.exe
C:\Windows\System32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Windows\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\HijackThis\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: AIMSite Class - {D70E6A20-7060-4829-B3D7-B6624A1DE7C6} - C:\Program Files\AIM Toolbar\aimhelper.dll (file missing)
O3 - Toolbar: FingerSystem IE Memo - {8D13872E-6174-49C1-B8D2-793F90CCAFAC} - C:\Program Files\Finger System Inc\Fingersystem Ipen Driver\FGIeMemo.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft WinSound] mkyxcghm.exe
O4 - HKLM\..\Run: [GGZcJAf] C:\documents and settings\heidi macmanus\local settings\temp\GGZcJAf.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\RunServices: [Microsoft WinUpdate] qjabssbvox.exe
O4 - HKLM\..\RunServices: [Windows Messenger] msmsgs.exe
O4 - HKLM\..\RunServices: [Microsoft WinSound] mkyxcghm.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft WinSound] mkyxcghm.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com.library.esc.edu/support/plugins/ebraryRdr.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/tgctlcm.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/17362e5515f8649b7819/netzip/RdxIE601.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Extern/RoadRunner/PestScan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Microsoft Interactive Training\O10C\mitm0026.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.riteaid.com/control/RiteAidOneHourPhotoOnline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} (CPostLaunch Object) - http://www2.verizon.net/update/msnwebinstall/includes/vzWebIns.CAB
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/shpo/default/shapo.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} -
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O20 - Winlogon Notify: WgaLogon - C:\Windows\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\Windows\SYSTEM32\WRLogonNTF.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: WinPPPoverEthernet - Unknown owner - C:\Program Files\Verizon Online\WinPoET\WrOS.EXE (file missing)

**********************************************************************************************************************************

Thanks Again!
 
Joined
Sep 7, 2004
Messages
49,014
You may want to print this or save it to notepad as we will go to safe mode.

Fix these with HJT – mark them, close IE, click fix checked

O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)

O4 - HKLM\..\Run: [Microsoft WinSound] mkyxcghm.exe

O4 - HKLM\..\Run: [GGZcJAf] C:\documents and settings\heidi macmanus\local settings\temp\GGZcJAf.exe

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 –u

O4 - HKLM\..\RunServices: [Microsoft WinUpdate] qjabssbvox.exe

O4 - HKLM\..\RunServices: [Windows Messenger] msmsgs.exe

O4 - HKLM\..\RunServices: [Microsoft WinSound] mkyxcghm.exe

O4 - HKCU\..\Run: [Microsoft WinSound] mkyxcghm.exe


O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/17362e55...p/RdxIE601.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -

DownLoad http://www.downloads.subratam.org/KillBox.zip

Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.


C:\documents and settings\heidi macmanus\local settings\temp\GGZcJAf.exe
C:\Windows\System32\qjabssbvox.exe
C:\Windows\System32\ smsgs.exe
C:\Windows\System32\mkyxcghm.exe


Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

Not all temp files will delete and that is normal
Empty the recycle bin
Boot and post a new log from normal NOT safe mode

Please give feedback on what worked/didn’t work and the current status of your system
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
For all the files you listed for Killbox, each of them I recieved the message that the file does not exist.

When deleting the temp files, as you said, not all deleted; the three that did not were: 1. "sqlite_relHIOpC3xRkQNY", 2. "sqlite_UlvXXo67WtWKSsB", and 3. "sqlite_zGN3g24dHIbfLvq".

A fourth gave the message that it could not be deleted but when I tried it individually it did, this one was called "sqlite_0HUMfhBEYcF3wxb".

As far as status, I think you mean is it still slow. Yes, it is still very slow, with no noticable improvement. I hope that I did everthing listed in your directions correctly, I think I did.

HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 6:53:15 PM, on 7/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
C:\Windows\Explorer.EXE
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\nvsvc32.exe
C:\Windows\System32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Windows\system32\devldr32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Windows\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Windows\System32\svchost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\HijackThis\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: AIMSite Class - {D70E6A20-7060-4829-B3D7-B6624A1DE7C6} - C:\Program Files\AIM Toolbar\aimhelper.dll (file missing)
O3 - Toolbar: FingerSystem IE Memo - {8D13872E-6174-49C1-B8D2-793F90CCAFAC} - C:\Program Files\Finger System Inc\Fingersystem Ipen Driver\FGIeMemo.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com.library.esc.edu/support/plugins/ebraryRdr.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/tgctlcm.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Extern/RoadRunner/PestScan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Microsoft Interactive Training\O10C\mitm0026.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.riteaid.com/control/RiteAidOneHourPhotoOnline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} (CPostLaunch Object) - http://www2.verizon.net/update/msnwebinstall/includes/vzWebIns.CAB
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/shpo/default/shapo.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} -
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O20 - Winlogon Notify: WgaLogon - C:\Windows\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\Windows\SYSTEM32\WRLogonNTF.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: WinPPPoverEthernet - Unknown owner - C:\Program Files\Verizon Online\WinPoET\WrOS.EXE (file missing)
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
Hi MFDnSC,
Actually I do notice that there is some improvement in terms of speed on the internet. It isn't close to what it was when I first got my cable connection but there definetely is improvement.

Regards,
wmac
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
Activescan:


Incident Status Location

Adware:adware/exact.bargainbuddy Not disinfected Windows Registry
Adware:adware/dyfuca Not disinfected Windows Registry
Adware:adware/ist.istbar Not disinfected Windows Registry
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[server.iad.liveperson.net/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[statse.webtrendslive.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[server.iad.liveperson.net/hc/75988523]
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[.did-it.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[statse.webtrendslive.com/S113857]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[statse.webtrendslive.com/S115270]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\All Users\Documents\My Documents\eFax Messenger 4.0\Mozilla\Firefox\Profiles\juptl8zc.default\cookies.txt[statse.webtrendslive.com/dcsi8dupuerp17vzhd59b2lwc_8u5u]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\xppflfoo.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\xppflfoo.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\xppflfoo.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/Errorguard Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/Itrack Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/Media-motor Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][2].txt
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][1].txt
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][2].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Kids.VPRMATRIX\Cookies\[email protected][2].txt
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
HJT log after Activescan:

Logfile of HijackThis v1.99.1
Scan saved at 12:11:14 AM, on 7/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
C:\Windows\Explorer.EXE
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\nvsvc32.exe
C:\Windows\System32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Windows\system32\devldr32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Windows\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SiteAdvisor\SiteAdv.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\HijackThis\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: AIMSite Class - {D70E6A20-7060-4829-B3D7-B6624A1DE7C6} - C:\Program Files\AIM Toolbar\aimhelper.dll (file missing)
O3 - Toolbar: FingerSystem IE Memo - {8D13872E-6174-49C1-B8D2-793F90CCAFAC} - C:\Program Files\Finger System Inc\Fingersystem Ipen Driver\FGIeMemo.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com.library.esc.edu/support/plugins/ebraryRdr.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/tgctlcm.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Extern/RoadRunner/PestScan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Microsoft Interactive Training\O10C\mitm0026.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.riteaid.com/control/RiteAidOneHourPhotoOnline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} (CPostLaunch Object) - http://www2.verizon.net/update/msnwebinstall/includes/vzWebIns.CAB
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/shpo/default/shapo.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} -
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O20 - Winlogon Notify: WgaLogon - C:\Windows\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\Windows\SYSTEM32\WRLogonNTF.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: WinPPPoverEthernet - Unknown owner - C:\Program Files\Verizon Online\WinPoET\WrOS.EXE (file missing)
 
Joined
Sep 7, 2004
Messages
49,014
DownLoad EasyCleaner http://www.majorgeeks.com/download414.html

Use the clear files and Unnecessary files buttons – I do not recommend
using the Duplicates files button
as many dupes are there on purpose.

Not all files will delete – that is normal.

In the unnecessary button I check the top 4 entries
=================
Run spysweeper again
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
I completed the EasyCleaner, but did the registry too before I realized it wasn't listed in your instructions. Hope it isn't a set back to seeing something in the SpySweeper or HJT log, or something worse.

SpySweeper log 060731 part 1:

12:21 AM: Removal process completed. Elapsed time 00:00:35
12:21 AM: Quarantining All Traces: tribalfusion cookie
12:21 AM: Quarantining All Traces: tradedoubler cookie
12:21 AM: Quarantining All Traces: realmedia cookie
12:21 AM: Quarantining All Traces: fastclick cookie
12:21 AM: Quarantining All Traces: casalemedia cookie
12:21 AM: Quarantining All Traces: atlas dmt cookie
12:21 AM: Quarantining All Traces: advertising cookie
12:21 AM: Quarantining All Traces: ieplugin
12:20 AM: Removal process initiated
12:20 AM: Traces Found: 8
12:20 AM: Full Sweep has completed. Elapsed time 00:35:08
12:20 AM: File Sweep Complete, Elapsed Time: 00:29:31
12:18 AM: Warning: Failed to access drive E:
12:18 AM: Warning: Failed to access drive D:
12:16 AM: Warning: Failed to open file "c:\windows\temp\sqlite_f0sjhrn54qq802o". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\windows\temp\sqlite_ypvxgqe53q3f1fx". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\windows\temp\sqlite_0xqz5yqrd2ba6cu". The operation completed successfully
11:50 PM: Starting File Sweep
11:50 PM: Warning: Failed to access drive A:
11:50 PM: Cookie Sweep Complete, Elapsed Time: 00:00:02
11:50 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 3589)
11:50 PM: Found Spy Cookie: tribalfusion cookie
11:50 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3575)
11:50 PM: Found Spy Cookie: tradedoubler cookie
11:50 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 3235)
11:50 PM: Found Spy Cookie: realmedia cookie
11:50 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2651)
11:50 PM: Found Spy Cookie: fastclick cookie
11:50 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2354)
11:50 PM: Found Spy Cookie: casalemedia cookie
11:50 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][2].txt (ID = 2253)
11:50 PM: Found Spy Cookie: atlas dmt cookie
11:50 PM: c:\documents and settings\kids.vprmatrix\cookies\[email protected][1].txt (ID = 2175)
11:50 PM: Found Spy Cookie: advertising cookie
11:50 PM: Starting Cookie Sweep
11:50 PM: Registry Sweep Complete, Elapsed Time:00:01:00
11:50 PM: HKU\S-1-5-21-515967899-2147208695-725345543-1004\software\microsoft\search assistant\ || defaultsearchurl (ID = 841067)
11:50 PM: Found Adware: ieplugin
11:49 PM: Starting Registry Sweep
11:49 PM: Memory Sweep Complete, Elapsed Time: 00:04:15
11:45 PM: Starting Memory Sweep
11:45 PM: Sweep initiated using definitions version 730
11:45 PM: Spy Sweeper 5.0.5.1286 started
11:45 PM: | Start of Session, Monday, July 31, 2006 |
********
11:45 PM: | End of Session, Monday, July 31, 2006 |
11:43 PM: Your spyware definitions have been updated.
Operation: File Access
Target:
Source: C:\PROGRA~1\MCAFEE\VIRUSS~1\MCSHIELD.EXE
11:43 PM: Tamper Detection
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
11:42 PM: Shield States
11:42 PM: Spyware Definitions: 691
11:42 PM: Spy Sweeper 5.0.5.1286 started
10:01 PM: There is a problem reaching the server. The cause may be in your connection, or on the server. Please try again later.
10:00 PM: Automated check for program update in progress.
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
9:59 PM: Warning: The handle is invalid
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
9:59 PM: Shield States
9:59 PM: Spyware Definitions: 691
9:59 PM: Spy Sweeper 5.0.5.1286 started
Operation: File Access
Target:
Source: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
8:54 PM: Tamper Detection
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
6:51 PM: Shield States
6:51 PM: Spyware Definitions: 691
6:51 PM: Spy Sweeper 5.0.5.1286 started
Operation: Terminate
Target: C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPERUI.EXE
Source: C:\WINDOWS\SYSTEM32\CSRSS.EXE
6:49 PM: Tamper Detection
Operation: Terminate
Target: C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPERUI.EXE
Source: C:\WINDOWS\SYSTEM32\CSRSS.EXE
6:49 PM: Tamper Detection
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
6:16 PM: Shield States
6:16 PM: Spyware Definitions: 691
6:16 PM: Spy Sweeper 5.0.5.1286 started
12:03 PM: | End of Session, Sunday, July 30, 2006 |
11:57 AM: BHO Shield: found: -- BHO installation allowed at user request
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
11:56 AM: Shield States
11:56 AM: Spyware Definitions: 691
11:55 AM: Spy Sweeper 5.0.5.1286 started
11:55 AM: Spy Sweeper 5.0.5.1286 started
11:55 AM: | Start of Session, Sunday, July 30, 2006 |
********
 

wmacmanus

Thread Starter
Joined
Jul 29, 2006
Messages
24
SpySweeper log 060731 part 2:

Operation: Terminate
Target: C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPERUI.EXE
Source: C:\WINDOWS\SYSTEM32\CSRSS.EXE
5:55 PM: Tamper Detection
12:42 PM: Removal process completed. Elapsed time 00:00:39
12:42 PM: Quarantining All Traces: ysbweb cookie
12:42 PM: Quarantining All Traces: sidefind cookie
12:42 PM: Quarantining All Traces: toprebates.com cookie
12:42 PM: Quarantining All Traces: xxxtoolbar cookie
12:42 PM: Quarantining All Traces: adserver cookie
12:42 PM: Quarantining All Traces: valuead cookie
12:42 PM: Quarantining All Traces: coremetrics cookie
12:42 PM: Quarantining All Traces: trafficmp cookie
12:42 PM: Quarantining All Traces: tradedoubler cookie
12:42 PM: Quarantining All Traces: clicktracks cookie
12:42 PM: Quarantining All Traces: statcounter cookie
12:42 PM: Quarantining All Traces: mediaplex cookie
12:42 PM: Quarantining All Traces: linksynergy cookie
12:42 PM: Quarantining All Traces: centrport net cookie
12:42 PM: Quarantining All Traces: zedo cookie
12:42 PM: Quarantining All Traces: bluestreak cookie
12:42 PM: Quarantining All Traces: falkag cookie
12:42 PM: Quarantining All Traces: advertising cookie
12:42 PM: Quarantining All Traces: pointroll cookie
12:42 PM: Quarantining All Traces: addynamix cookie
12:42 PM: Quarantining All Traces: 247realmedia cookie
12:42 PM: Quarantining All Traces: webtrendslive cookie
12:42 PM: Quarantining All Traces: atlas dmt cookie
12:42 PM: Quarantining All Traces: xren_cj cookie
12:42 PM: Quarantining All Traces: xiti cookie
12:42 PM: Quarantining All Traces: claxonmedia cookie
12:42 PM: Quarantining All Traces: wirefly cookie
12:42 PM: Quarantining All Traces: screensavers.com cookie
12:42 PM: Quarantining All Traces: redzip cookie
12:42 PM: Quarantining All Traces: freepassbucks cookie
12:42 PM: Quarantining All Traces: burstbeacon cookie
12:42 PM: Quarantining All Traces: webpower cookie
12:42 PM: Quarantining All Traces: videodome cookie
12:42 PM: Quarantining All Traces: uproar cookie
12:42 PM: Quarantining All Traces: reliablestats cookie
12:42 PM: Quarantining All Traces: dealtime cookie
12:42 PM: Quarantining All Traces: serving-sys cookie
12:42 PM: Quarantining All Traces: web-stat cookie
12:42 PM: Quarantining All Traces: adjuggler cookie
12:42 PM: Quarantining All Traces: directtrack cookie
12:42 PM: Quarantining All Traces: questionmarket cookie
12:42 PM: Quarantining All Traces: partypoker cookie
12:42 PM: Quarantining All Traces: outster cookie
12:42 PM: Quarantining All Traces: offeroptimizer cookie
12:42 PM: Quarantining All Traces: nextag cookie
12:42 PM: Quarantining All Traces: realmedia cookie
12:42 PM: Quarantining All Traces: aptimus cookie
12:42 PM: Quarantining All Traces: mygeek cookie
12:42 PM: Quarantining All Traces: military cookie
12:42 PM: Quarantining All Traces: adrevolver cookie
12:42 PM: Quarantining All Traces: webtrends cookie
12:42 PM: Quarantining All Traces: kmpads cookie
12:42 PM: Quarantining All Traces: kinghost cookie
12:42 PM: Quarantining All Traces: sb01 cookie
12:42 PM: Quarantining All Traces: inqwire cookie
12:42 PM: Quarantining All Traces: infospace cookie
12:42 PM: Quarantining All Traces: imlive.com cookie
12:42 PM: Quarantining All Traces: ic-live cookie
12:42 PM: Quarantining All Traces: hypertracker.com cookie
12:42 PM: Quarantining All Traces: homestore cookie
12:42 PM: Quarantining All Traces: clickandtrack cookie
12:42 PM: Quarantining All Traces: starware.com cookie
12:42 PM: Quarantining All Traces: goldenpalace cookie
12:42 PM: Quarantining All Traces: wegcash cookie
12:42 PM: Quarantining All Traces: fastclick cookie
12:42 PM: Quarantining All Traces: ru4 cookie
12:42 PM: Quarantining All Traces: did-it cookie
12:42 PM: Quarantining All Traces: overture cookie
12:42 PM: Quarantining All Traces: clickzs cookie
12:42 PM: Quarantining All Traces: paypopup cookie
12:42 PM: Quarantining All Traces: exitexchange cookie
12:42 PM: Quarantining All Traces: coolsavings cookie
12:42 PM: Quarantining All Traces: classmates cookie
12:42 PM: Quarantining All Traces: ccbill cookie
12:42 PM: Quarantining All Traces: cassava cookie
12:42 PM: Quarantining All Traces: enhance cookie
12:42 PM: Quarantining All Traces: burstnet cookie
12:42 PM: Quarantining All Traces: bizrate cookie
12:42 PM: Quarantining All Traces: bannerspace cookie
12:42 PM: Quarantining All Traces: azjmp cookie
12:42 PM: Quarantining All Traces: atwola cookie
12:42 PM: Quarantining All Traces: belnk cookie
12:42 PM: Quarantining All Traces: ask cookie
12:42 PM: Quarantining All Traces: askmen cookie
12:42 PM: Quarantining All Traces: casalemedia cookie
12:42 PM: Quarantining All Traces: tacoda cookie
12:42 PM: Quarantining All Traces: reunion cookie
12:42 PM: Quarantining All Traces: primaryads cookie
12:42 PM: Quarantining All Traces: adultrevenueservice cookie
12:42 PM: Quarantining All Traces: adultfriendfinder cookie
12:42 PM: Quarantining All Traces: cc214142 cookie
12:42 PM: Quarantining All Traces: specificclick.com cookie
12:42 PM: Quarantining All Traces: hotbar cookie
12:42 PM: Quarantining All Traces: hbmediapro cookie
12:42 PM: Quarantining All Traces: adlegend cookie
12:42 PM: Quarantining All Traces: adknowledge cookie
12:42 PM: Quarantining All Traces: adecn cookie
12:42 PM: Quarantining All Traces: yieldmanager cookie
12:42 PM: Quarantining All Traces: about cookie
12:42 PM: Quarantining All Traces: go.com cookie
12:42 PM: Quarantining All Traces: websponsors cookie
12:42 PM: Quarantining All Traces: tribalfusion cookie
12:42 PM: Quarantining All Traces: 888 cookie
12:42 PM: Quarantining All Traces: 2o7.net cookie
12:42 PM: Quarantining All Traces: ist powerscan
12:42 PM: Quarantining All Traces: wildmedia
12:41 PM: Removal process initiated
12:35 PM: Traces Found: 205
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top