Adware ruining my computer! Any assistance would be greatly appreciated!



thedollyllama
2007-07-18, 08:09
Hi all,

Just to let you know, I am relatively new to this whole malware removal concept, as I have never been infected before. A few days ago, I'll admit I downloaded a bad .exe file, did not scan it, and ended up with a load of advertisements, particularly for SpyDoctor and Myspace. My Symantec Antivirus keeps popping up virus alerts for Trojan Horses and Trojan.downloader, such as Ndrv.exe, adfcook[1], and more. I can provide all the names if needed. Symantec full system scan does not find any viruses, but these malevolent ads keep popping up :(

I am really grateful for any help anyone can offer, as all the admins on this site seem to be very helpful and nice :).

Here is my HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 10:05:12 PM, on 7/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Vista Start Menu\StartMenu.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Yod'm\Yodm3D.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\TEMP\win178.tmp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Harker\Local Settings\Temp\wzb66e\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [KeyAccess] C:\WINDOWS\keyacc32.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\win178.tmp.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\rupvoxcc.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\StartMenu.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Yodm3D] C:\Yod'm\Yodm3D.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Ebc] "C:\WINDOWS\system32\SSEMBL~1\winspool.exe" -vt yazb
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,wbsys.dll KATRACK.DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

If I need to provide any additional information, please let me know. Again, thanks in advance for your help!

Markka
2007-07-18, 11:11
Hi and welcome to the forums. :)
I'm Markka and I will be helping you with your malware issues.

I'll check your HijackThis log. Right now I'm an MRU Undergrad, so everything that I post to you must be checked by teachers of Malware Removal University.
Please be patient. :)

thedollyllama
2007-07-18, 18:13
Thanks so much for the help. :)

Markka
2007-07-18, 19:08
Hello :)

We need to create a new folder for HijackThis, because when HijackThis isn't in a permanent folder, it doesn't create backups.

Click Start -> My computer -> Double-click on C-drive (local disk).
Right-click there and choose 'create a new folder' and give it the name HJT. Now go to here:
C:\Documents and Settings\Harker\Local Settings\Temp\wzb66e
and right-click on HijackThis.exe and choose 'copy'.
Then go to here: C:\HJT and 'paste' HijackThis.exe into the HJT folder.
___________________________

Rename HijackThis.exe to Scanner.exe by doing the following:

Navigate to here: C:\HJT
Right-click on HijackThis.exe
Choose from the pull-down menu: "Rename"
And now rename HijackThis.exe to Scanner.exe
When you've renamed HijackThis, open it.
Take a fresh HijackThis log (do a system scan and save a log file)
Post the fresh HijackThis log here.
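
Added example, not part of the original thread: once a fresh log has been taken, it can be compared with the earlier one by parsing each HijackThis entry into its section code and detail text and listing what shows up in only one of the scans. The sample lines are abridged from the two logs on this page; the function names are illustrative.

```python
import re
from collections import defaultdict

# HijackThis entries start with a section code (R0, R1, F2, N1, O2, O4, O20, O23, ...)
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


def parse_hjt_log(text):
    """Split a HijackThis log into running-process paths and (code, detail) entries."""
    processes, entries = [], set()
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.add((match.group(1), match.group(2)))
        elif line == "Running processes:":
            in_processes = True
        elif not line:
            in_processes = False  # a blank line ends the process list
        elif in_processes:
            processes.append(line)
    return processes, entries


def diff_logs(old_text, new_text):
    """Report entries and processes present in only one of two scans.

    Comparison is case-insensitive because Windows paths are; the original
    spelling is kept in the output.
    """
    old_procs, old_entries = parse_hjt_log(old_text)
    new_procs, new_entries = parse_hjt_log(new_text)

    def key(entry):
        return (entry[0], entry[1].lower())

    old_keys = {key(e) for e in old_entries}
    new_keys = {key(e) for e in new_entries}

    added, removed = defaultdict(list), defaultdict(list)
    for code, detail in sorted(new_entries):
        if (code, detail.lower()) not in old_keys:
            added[code].append(detail)
    for code, detail in sorted(old_entries):
        if (code, detail.lower()) not in new_keys:
            removed[code].append(detail)

    old_p = {p.lower() for p in old_procs}
    new_p = {p.lower() for p in new_procs}
    return {
        "added": dict(added),
        "removed": dict(removed),
        "new_processes": [p for p in new_procs if p.lower() not in old_p],
        "gone_processes": [p for p in old_procs if p.lower() not in new_p],
    }


# Abridged sample: a few lines from the 7/17 log on this page.
OLD_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 10:05:12 PM, on 7/17/2007

Running processes:
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Harker\Local Settings\Temp\wzb66e\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
"""

# Abridged sample: the matching lines from the 7/18 log, plus two entries
# from sections that appear only in that log.
NEW_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 9:09:01 PM, on 7/18/2007

Running processes:
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Harker\Local Settings\Temp\wzb66e\HijackThis.exe
C:\HJT\Scanner.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
"""

if __name__ == "__main__":
    report = diff_logs(OLD_LOG, NEW_LOG)
    for code, details in report["added"].items():
        for detail in details:
            print(f"only in new scan: {code} - {detail}")
    for path in report["new_processes"]:
        print(f"new process: {path}")
```
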

thedollyllama
2007-07-19, 07:10
Hello. Thanks again for all your time and help :)

Here's my new HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 9:09:01 PM, on 7/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Vista Start Menu\StartMenu.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Yod'm\Yodm3D.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\TEMP\win178.tmp.exe
C:\Documents and Settings\Harker\Local Settings\Temp\wzb66e\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\Scanner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {654B5945-426A-4221-BE00-3170A7B1BEAE} - C:\WINDOWS\system32\mlljk.dll
O2 - BHO: (no name) - {656943FE-D031-F9ED-1E67-FF8DBA258EBF} - C:\WINDOWS\system32\qphknif.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\oqxngxry.dll
O2 - BHO: (no name) - {941508F8-CCD9-44E0-AC29-4F1E141373F7} - C:\WINDOWS\system32\urqpnki.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [KeyAccess] C:\WINDOWS\keyacc32.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\win178.tmp.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\rupvoxcc.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\StartMenu.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Yodm3D] C:\Yod'm\Yodm3D.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Ebc] "C:\WINDOWS\system32\SSEMBL~1\winspool.exe" -vt yazb
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,wbsys.dll KATRACK.DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mlljk - C:\WINDOWS\system32\mlljk.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: urqpnki - C:\WINDOWS\SYSTEM32\urqpnki.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjrs32 - C:\WINDOWS\SYSTEM32\winjrs32.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Markka
2007-07-19, 19:23
Hello :)

You did an excellent job! :bigthumb:

Please download ATF-cleaner (http://www.atribune.org/ccount/click.php?id=1) and save it to your desktop.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser:

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser:

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
_____________________________

1. Download this file - combofix.exe (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall!

Post:

- A fresh HijackThis log
- Contents of C:\ComboFix.txt

thedollyllama
2007-07-20, 05:20
Hi, and thanks for the help. :)

I executed the programs you asked me to.

One quick question: my Windows taskbar disappeared while combofix.exe was running; is this a problem? It is back now, but I was just wondering.

Combofix log:
"Harker" - 2007-07-19 17:45:19 - ComboFix 07-07-14.6 - Service Pack 2 NTFS


(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\awtttrp.dll
C:\WINDOWS\system32\iifefda.dll
C:\WINDOWS\system32\rupvoxcc.dll
C:\WINDOWS\system32\bbapbbeu.dll
C:\WINDOWS\system32\dtlmchqd.dll
C:\WINDOWS\system32\ermcswpr.dll
C:\WINDOWS\system32\jmqbgkkl.dll
C:\WINDOWS\system32\mthtujej.dll
C:\WINDOWS\system32\oqxngxry.dll
C:\WINDOWS\system32\rmspphqq.dll
C:\WINDOWS\system32\xqupwdvi.dll
C:\WINDOWS\system32\awtttrp.dll
C:\WINDOWS\system32\iifefda.dll
C:\WINDOWS\system32\winjrs32.dll
C:\WINDOWS\system32\ycbeg.bak1
C:\WINDOWS\system32\ycbeg.ini
C:\WINDOWS\system32\kjllm.bak1
C:\WINDOWS\system32\kjllm.bak2
C:\WINDOWS\system32\kjllm.ini
C:\WINDOWS\system32\kjllm.ini2
C:\WINDOWS\system32\kjllm.tmp
C:\WINDOWS\system32\ccxovpur.ini
C:\WINDOWS\system32\kjllm.bak1
C:\WINDOWS\system32\kjllm.bak2
C:\WINDOWS\system32\kjllm.ini
C:\WINDOWS\system32\kjllm.ini2
C:\WINDOWS\system32\kjllm.tmp
C:\WINDOWS\system32\mlljk.dll
C:\WINDOWS\system32\urqpnki.dll
C:\WINDOWS\system32\urqpnki.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Common Files\Yazzle1162OinAdmin.exe
C:\Program Files\Common Files\Yazzle1162OinUninstaller.exe
C:\Program Files\outerinfo
C:\Program Files\outerinfo\OiUninstaller.exe
C:\Program Files\outerinfo\outerinfo.ico
C:\Program Files\outerinfo\Terms.rtf
C:\WINDOWS\system32\avetqgio.exe
C:\WINDOWS\system32\gtyhfcvn.exe
C:\WINDOWS\system32\gyohdabn.exe
C:\WINDOWS\system32\hgmoabkn.exe
C:\WINDOWS\system32\hgvtlgnr.exe
C:\WINDOWS\system32\kdpwbrng.exe
C:\WINDOWS\system32\klcfjqxx.exe
C:\WINDOWS\system32\nhgsuoeu.exe
C:\WINDOWS\system32\qphknif.dll
C:\WINDOWS\system32\ssembl~1
C:\WINDOWS\system32\ssembl~1\winspool.exe
C:\WINDOWS\system32\vqrgcvjm.exe
C:\WINDOWS\system32\wnsapiicomsv32.exe


((((((((((((((((((((((((( Files Created from 2007-06-20 to 2007-07-20 )))))))))))))))))))))))))))))))


2007-07-19 17:43 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-18 21:06 <DIR> d-------- C:\HJT
2007-07-14 08:36 <DIR> d-------- C:\WINDOWS\network diagnostic
2007-07-13 21:29 <DIR> d-------- C:\DOCUME~1\Harker\APPLIC~1\GetRightToGo
2007-07-13 20:36 <DIR> d-------- C:\Program Files\Lavasoft
2007-07-13 20:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-07-12 21:48 <DIR> d-------- C:\Program Files\Uniblue
2007-07-12 21:48 <DIR> d-------- C:\DOCUME~1\Harker\APPLIC~1\Uniblue
2007-07-12 21:25 43 --a------ C:\DOCUME~1\Harker\RUNME.bat
2007-07-12 21:25 38,413 --a------ C:\DOCUME~1\Harker\keygen.exe
2007-07-12 21:25 12,516 --a------ C:\DOCUME~1\Harker\crack.exe
2007-07-12 21:25 0 --a------ C:\DOCUME~1\Harker\install.exe
2007-07-12 20:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
2007-07-12 20:42 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-07-12 20:40 16,384 --a------ C:\WINDOWS\system32\FileOps.exe
2007-07-09 22:09 <DIR> d-------- C:\Program Files\Red Kawa
2007-07-09 21:56 <DIR> d-------- C:\Program Files\PQDVD
2007-07-09 21:56 <DIR> d-------- C:\Program Files\Common Files\PQDVD
2007-07-08 08:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-07-08 08:35 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2007-06-30 20:48 <DIR> d-------- C:\Program Files\iTunes
2007-06-30 20:48 <DIR> d-------- C:\Program Files\iPod
2007-06-30 20:47 <DIR> d-------- C:\Program Files\Apple Software Update
2007-06-30 20:46 25,984 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2007-06-30 20:46 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-06-30 20:46 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-06-28 18:12 <DIR> d-------- C:\Program Files\yWriter2
2007-06-28 18:10 <DIR> d-------- C:\Program Files\Yadu Digital
2007-06-27 19:31 <DIR> d-------- C:\Program Files\TGTSoft
2007-06-27 19:18 <DIR> d-------- C:\Program Files\Trillian
2007-06-26 18:46 <DIR> d-------- C:\DOCUME~1\Harker\APPLIC~1\Azureus
2007-06-26 18:46 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
2007-06-26 18:31 <DIR> d-------- C:\Program Files\Azureus
2007-06-26 18:18 <DIR> d-------- C:\Program Files\BitTorrent
2007-06-26 18:18 <DIR> d-------- C:\DOCUME~1\Harker\APPLIC~1\BitTorrent
2007-06-21 19:06 <DIR> d-------- C:\DOCUME~1\Harker\APPLIC~1\Inkscape


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-20 00:56:53 -------- d-----w C:\Program Files\Symantec AntiVirus
2007-07-20 00:39:07 -------- d-----w C:\DOCUME~1\Harker\APPLIC~1\AdobeUM
2007-07-15 18:11:51 5,427 ----a-w C:\WINDOWS\system32\EGATHDRV.SYS
2007-07-14 03:35:22 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-07-13 15:44:40 88,408 ----a-w C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2007-07-13 03:50:23 -------- d-----w C:\DOCUME~1\Harker\APPLIC~1\uTorrent
2007-07-10 05:29:47 -------- d-----w C:\Program Files\Wallpaper Master
2007-07-08 19:41:52 -------- d-----w C:\DOCUME~1\Harker\APPLIC~1\Apple Computer
2007-07-01 22:13:51 -------- d-----w C:\DOCUME~1\Harker\APPLIC~1\Viewpoint
2007-06-29 03:33:58 -------- d-----w C:\Program Files\Acoustica Mixcraft 3
2007-06-18 22:02:03 -------- d-----w C:\Program Files\MSECache
2007-06-18 01:37:51 664 ----a-w C:\WINDOWS\system32\d3d9caps.dat
2007-06-18 00:00:43 -------- d-----w C:\Program Files\QuickTime
2007-06-09 22:46:02 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-08 04:15:19 -------- d-----w C:\Program Files\Pacific Tech
2007-06-05 21:07:34 -------- d-----w C:\Program Files\AIM6
2007-06-05 21:04:26 -------- d-----w C:\Program Files\Viewpoint
2007-06-04 22:18:48 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-06-04 22:17:02 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-06-04 22:14:56 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
2007-05-30 19:57:23 -------- d-----w C:\Program Files\TryMedia
2007-05-30 19:57:10 -------- d-----w C:\Program Files\GameHouse
2007-05-26 19:34:34 42,672 ----a-w C:\WINDOWS\system32\wbsys.dll
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-11 20:23:31 6,518 ----a-w C:\WINDOWS\mozver.dat
2007-04-25 14:21:15 144,896 ------w C:\WINDOWS\system32\schannel.dll
2007-04-18 03:12:15 628 ---ha-w C:\Program Files\Resource0512
2007-02-03 15:43:59 8,204,836 ----a-w C:\Program Files\iPodConvSuitReg.exe
2005-07-15 20:23:52 47 ----a-w C:\Program Files\setup.lid
2005-07-15 20:23:52 334 ----a-w C:\Program Files\layout.bin
2005-07-15 20:23:52 24,776,419 ----a-w C:\Program Files\data1.cab
2005-07-15 20:23:18 95 ----a-w C:\Program Files\DATA.TAG
2005-07-15 20:23:18 78 ----a-w C:\Program Files\SETUP.INI
2005-07-15 20:23:18 409,925 ----a-w C:\Program Files\_sys1.cab
2005-07-15 20:23:18 114,308 ----a-w C:\Program Files\_user1.cab
2005-04-15 19:41:40 90,161 ----a-w C:\Program Files\setup.ins
1997-06-07 00:27:50 59,904 ----a-w C:\Program Files\SETUP.EXE
1997-06-02 19:44:00 317,092 ----a-w C:\Program Files\_INST32I.EX_
1997-06-02 19:20:36 280,152 ----a-w C:\Program Files\_INST16.EX_
1997-06-02 19:17:58 8,192 ----a-w C:\Program Files\_ISDEL.EXE
1997-06-02 19:17:40 11,264 ----a-w C:\Program Files\_SETUP.DLL
1997-05-30 19:31:50 4,557 ----a-w C:\Program Files\lang.dat
1997-05-06 22:15:20 417 ----a-w C:\Program Files\os.dat


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-12-18 05:16 59032 --a------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 01:04 853672 --------- C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
2005-08-01 05:10 110652 --a------ C:\WINDOWS\System32\DLA\DLASHX_W.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2005-11-10 13:22 184423 --------- C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-01-20 00:55 2403392 -ra------ c:\program files\google\googletoolbar4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 14:17]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 14:16]
"TPKMAPHELPER"="C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe" [2005-10-28 19:04]
"TpShocks"="TpShocks.exe" [2005-11-07 11:14 C:\WINDOWS\system32\TpShocks.exe]
"TP4EX"="tp4ex.exe" [2005-10-17 01:11 C:\WINDOWS\system32\TP4EX.exe]
"EZEJMNAP"="C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2006-02-24 02:22]
"TPHOTKEY"="C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-05-10 15:03]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-05-06 14:06]
"suScheduler"="C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe" [2005-08-01 17:32]
"LPManager"="C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe" [2006-01-25 01:03]
"ISUSPM Startup"="c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50]
"ISUSScheduler"="c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2005-10-28 11:08]
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2005-11-29 10:55]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-05-17 22:07]
"ACTray"="C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe" [2006-04-17 13:09]
"ACWLIcon"="C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2006-04-17 12:59]
"PWRMGRTR"="C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2005-12-07 01:12]
"BLOG"="C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2005-12-07 01:12]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-02-10 16:27]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2004-12-10 18:02]
"vptray"="C:\PROGRA~1\SYMANT~2\VPTray.exe" [2004-12-30 14:19]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-06-08 15:35]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 13:03]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 01:18]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 08:11]
"AwaySch"="C:\Program Files\Lenovo\AwayTask\AwaySch.EXE" [2006-04-13 02:05]
"cssauth"="C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" [2006-05-12 20:15]
"TVT Scheduler Proxy"="C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2006-05-12 20:09]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 C:\WINDOWS\system32\bthprops.cpl]
"PSQLLauncher"="C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" [2006-04-25 19:03]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 14:22]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 09:14]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
"VistaStartMenu"="C:\Program Files\Vista Start Menu\StartMenu.exe" [2006-01-16 05:33]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 09:24]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-02-05 12:49]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-04-27 14:17]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-03-27 15:22]
"Yodm3D"="C:\Yod'm\Yodm3D.exe" [2007-04-21 21:26]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" []
"Ebc"="C:\WINDOWS\system32\SSEMBL~1\winspool.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
ACNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
C:\Program Files\Lenovo\AwayTask\AwayNotify.dll --------- 2006-04-13 02:05 49152 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
psqlpwd.dll --a------ 2006-04-25 19:20 40448 C:\WINDOWS\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
notifyf2.dll --a------ 2005-07-05 23:45 28672 C:\WINDOWS\system32\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll --a------ 2005-11-30 20:16 24576 C:\WINDOWS\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\wbsrv.dll --a------ 2007-03-05 17:36 140976 C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,wbsys.dll KATRACK.DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages scecli psqlpwd

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5b01ef0-5575-11db-bb25-806d6172696f}]
AutoRun\command- D:\launch.bat


Contents of the 'Scheduled Tasks' folder
2007-07-14 15:29:03 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-07-13 08:44:01 C:\WINDOWS\tasks\MP Scheduled Scan.job
2007-07-20 01:58:16 C:\WINDOWS\tasks\PMTask.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-19 18:57:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-19 19:00:12 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-19 18:59

--- E O F ---

thedollyllama
2007-07-20, 05:22
fresh HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 7:15:57 PM, on 7/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Vista Start Menu\StartMenu.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Yod'm\Yodm3D.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\Scanner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\StartMenu.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Yodm3D] C:\Yod'm\Yodm3D.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Ebc] "C:\WINDOWS\system32\SSEMBL~1\winspool.exe" -vt yazb
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,wbsys.dll KATRACK.DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe (file missing)
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Markka
2007-07-20, 20:57
Hello :)


One quick question: my Windows taskbar disappeared while combofix.exe was running; is this a problem? It is back now, but I was just wondering.
Yes, this is normal.
___________________
We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.

Open Windows Defender.
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.

After all of the fixes are complete it is very important that you enable Real-time Protection again.
________________________

Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
Install AVG Anti-Spyware by double clicking the installer.
Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
On the main screen under Your Computer's security.
Click on Change state next to Resident shield. It should now change to inactive.
Click on Change state next to Automatic updates. It should now change to inactive.
Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
Wait until you see the Update successful message.
Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.
AVG Anti-Spyware manual updates (http://www.ewido.net/en/download/updates/).
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.
________________________

Open HijackThis, click Do a system scan only, and checkmark this entry. Then close all other windows except HijackThis and press Fix checked.

O4 - HKCU\..\Run: [Ebc] "C:\WINDOWS\system32\SSEMBL~1\winspool.exe" -vt yazb
___________________________
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser:

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser:

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
______________________

Please then reboot your computer in Safe Mode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.
________________________

Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
Click on Scanner on the toolbar.
Click on the Settings tab.
Under How to act?
Click on Recommended Action and choose Quarantine from the popup menu.
Under How to scan?
All checkboxes should be ticked.
Under Possibly unwanted software:
All checkboxes should be ticked.
Under Reports:
Select Automatically generate report after every scan and uncheck Only if threats were found.
Under What to scan?
Select Scan every file.
Click on the Scan tab.
Click on Complete System Scan to start the scan process.
Let the program scan the machine.
When the scan has finished, follow the instructions below.
IMPORTANT: Don't click on the "Save Scan Report" button before you have hit the "Apply all Actions" button.
Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
At the bottom of the window click on the Apply all Actions button. (3)
http://img509.imageshack.us/img509/4851/scanavgjk2.jpg
When done, click the Save Scan Report button. (4)
Click the Save Report as button.
Save the report to your Desktop.
Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Reboot in Normal Mode.
_____________________

Post:
- A fresh HijackThis log
- AVG Anti-Spyware's report

thedollyllama
2007-07-22, 05:01
hi :)

HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 7:00:48 PM, on 7/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Vista Start Menu\StartMenu.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Yod'm\Yodm3D.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\Scanner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\StartMenu.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Yodm3D] C:\Yod'm\Yodm3D.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,wbsys.dll KATRACK.DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe (file missing)
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
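
The fresh HijackThis log requested above is a verification step: the entry that was checkmarked for fixing should no longer appear in it. The following is an added example, not part of the thread and not a HijackThis feature, that parses HijackThis entry lines and compares two logs. BEFORE and AFTER are constructed excerpts built from lines shown on this page, and all function names are assumptions.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code body")

# Entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O24) and " - ".
# Header lines and the "Running processes" paths do not match and are skipped.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


def parse_entries(log_text):
    """Return the HijackThis entries found in a pasted log, in order."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append(Entry(match.group(1), match.group(2)))
    return entries


def _key(entry):
    # Windows paths are case-insensitive and forum pastes mangle spacing,
    # so compare on a lower-cased, whitespace-collapsed form.
    return entry.code, " ".join(entry.body.lower().split())


def still_present(fix_list_text, fresh_log_text):
    """Entries from the helper's fix list that still show up in the fresh log."""
    fresh = {_key(e) for e in parse_entries(fresh_log_text)}
    return [e for e in parse_entries(fix_list_text) if _key(e) in fresh]


def diff_logs(before_text, after_text):
    """Return (removed, added) entries between two logs."""
    before = parse_entries(before_text)
    after = parse_entries(after_text)
    before_keys = {_key(e) for e in before}
    after_keys = {_key(e) for e in after}
    removed = [e for e in before if _key(e) not in after_keys]
    added = [e for e in after if _key(e) not in before_keys]
    return removed, added


def missing_files(log_text):
    """Entries HijackThis marked '(file missing)': orphaned references."""
    return [e for e in parse_entries(log_text)
            if e.body.endswith("(file missing)")]


# The single line the helper asked to fix (taken from the post above).
FIX_LIST = r"""
O4 - HKCU\..\Run: [Ebc] "C:\WINDOWS\system32\SSEMBL~1\winspool.exe" -vt yazb
"""

# Constructed excerpt standing in for the log taken before the fix.
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ebc] "C:\WINDOWS\system32\SSEMBL~1\winspool.exe" -vt yazb
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
"""

# Constructed excerpt standing in for the fresh log posted after the fix.
AFTER = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
"""

if __name__ == "__main__":
    leftover = still_present(FIX_LIST, AFTER)
    print("fix list entries still present:", leftover or "none")
    removed, added = diff_logs(BEFORE, AFTER)
    for e in removed:
        print("removed:", e.code, "-", e.body)
    for e in added:
        print("added:  ", e.code, "-", e.body)
    for e in missing_files(AFTER):
        print("orphan: ", e.code, "-", e.body)
```

An entry dropping out of the log shows only that the autostart reference is gone; whether the file itself was dealt with is answered by the scanner report, not by HijackThis.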

thedollyllama
2007-07-22, 05:03
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:04:25 AM 7/21/2007

+ Scan result:



C:\QooBox\Quarantine\C\Program Files\Outerinfo\OiUninstaller.exe.vir -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\qphknif.dll.vir -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{5D527826-05BD-4A83-8416-28ACDDA14001}\RP291\A0081365.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{5D527826-05BD-4A83-8416-28ACDDA14001}\RP291\A0081396.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\urqpnki.dll.vir -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\Program Files\Common Files\Yazzle1162OinAdmin.exe.vir -> Downloader.PurityScan.eg : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\SSEMBL~1\winspool.exe.vir -> Downloader.PurityScan.ej : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{5D527826-05BD-4A83-8416-28ACDDA14001}\RP291\A0081402.exe -> Downloader.PurityScan.ej : Cleaned with backup (quarantined).
C:\Documents and Settings\Harker\crack.exe -> Dropper.Small.ayg : Cleaned with backup (quarantined).
:mozilla.595:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.596:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.175:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.206:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.21:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.261:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.261:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.35:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.36:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.37:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.38:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.41:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.42:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.62:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.633:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.63:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.64:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.65:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.66:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.67:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.68:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.69:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.70:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.713:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.71:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.72:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.73:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.74:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.75:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.76:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.779:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.77:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.78:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.79:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.80:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.81:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.82:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.83:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.84:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.890:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.963:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
C:\WINDOWS\system32\config\systemprofile\Cookies\harker@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.133:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.134:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.135:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.66:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.67:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.68:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.70:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.71:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.72:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.780:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.781:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.782:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.82:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.484:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.485:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.486:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.191:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.192:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.338:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.339:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.340:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.341:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.342:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.343:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.344:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.15:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.16:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.17:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.17:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.18:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.18:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.19:C:\Documents and Settings\Harker\Application

thedollyllama
2007-07-22, 05:04
Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.19:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.20:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.20:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.252:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.253:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.254:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.255:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.10:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.157:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.196:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.312:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.313:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.9:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo64e5tt.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.543:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.684:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.645:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.122:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.123:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.479:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.481:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.482:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.483:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.127:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.647:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.648:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.649:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.650:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.651:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.652:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.607:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Com : Cleaned.
:mozilla.608:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Com : Cleaned.
:mozilla.609:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Com : Cleaned.
:mozilla.12:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.15:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.16:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.49:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.137:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.140:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.240:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.241:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.242:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.243:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.244:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.398:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.677:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.678:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.679:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.680:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.205:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.206:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.207:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.208:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.209:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.210:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.263:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.264:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.265:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.69:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.849:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.943:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.105:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.107:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.108:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.109:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.117:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.119:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.121:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.221:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.223:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.224:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.244:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.245:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.246:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.247:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.253:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.255:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.256:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.257:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.371:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.372:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.373:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.522:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.523:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.620:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.621:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.687:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.717:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.964:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.132:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.133:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.134:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.135:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.846:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.228:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.229:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.237:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.238:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.292:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.293:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.48:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.51:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.52:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.169:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.170:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.171:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.102:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.103:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.106:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.573:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.574:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.20:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.568:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.658:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.660:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.168:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.37:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.38:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.39:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.502:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.503:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.504:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.676:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.155:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.509:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.195:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

thedollyllama
2007-07-22, 05:05
:mozilla.196:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.197:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.233:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.234:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.235:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.236:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.682:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.683:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.211:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.212:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.213:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.214:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.269:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.270:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.57:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.58:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.59:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\WINDOWS\system32\config\systemprofile\Cookies\harker@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.120:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.121:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.138:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.139:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.141:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.722:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.723:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.724:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.725:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.726:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.207:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.208:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.209:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.210:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.211:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.212:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.213:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.382:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.383:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.384:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.385:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.386:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.387:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.388:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.389:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.390:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.391:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.392:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.393:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.394:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.395:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.39:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.400:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.40:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.40:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.41:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.42:C:\Documents and Settings\Sonya\Application Data\Mozilla\Firefox\Profiles\jgkd92qu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.452:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.453:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.454:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.455:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.233:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.239:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.240:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.241:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.242:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.249:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.661:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.662:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.663:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.664:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.665:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.666:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.151:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.152:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.153:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.154:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.24:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.25:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.26:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.27:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.28:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.29:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.30:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.31:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.32:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.33:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.34:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.104:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.105:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.106:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.107:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.108:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.109:C:\Documents and Settings\Harker\Application Data\Mozilla\Firefox\Profiles\vyk66xdk.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.

thedollyllama
2007-07-22, 05:06
C:\QooBox\Quarantine\C\WINDOWS\system32\wnsapiicomsv32.exe.vir -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{5D527826-05BD-4A83-8416-28ACDDA14001}\RP291\A0081399.exe -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

Markka
2007-07-22, 20:10
Hello :)

Next step is:

Kaspersky online scanner works only with Internet Explorer!

Please run an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/downloads/kws/kavwebscan.html). You will be prompted to install an ActiveX component from Kaspersky; click Yes.
The program will launch and then start to download the latest definition files.
Once the scanner is installed and the definitions downloaded, click Next.
Now click on Scan Settings
In the scan settings make sure that the following are selected:

o Scan using the following Anti-Virus database:

+ Extended (If available otherwise Standard)

o Scan Options:

+ Scan Archives
+ Scan Mail Bases

Click OK
Now, under "select a target to scan", select My Computer.
The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button
Save the file to your desktop.
Copy and paste that information in your next post.
____________________

Post:
- A fresh HijackThis log
- Kaspersky's report

thedollyllama
2007-07-23, 06:55
Hello :)
Today my Symantec found about 14 more viruses, all of which were Downloaders and Vundos. I can provide the names if you want. This is a big problem, right?

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, July 22, 2007 8:43:58 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 23/07/2007
Kaspersky Anti-Virus database records: 366664
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 102953
Number of viruses found: 9
Number of infected objects: 39
Number of suspicious objects: 0
Duration of the scan process: 01:43:37

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kr skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300004.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300006.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300008.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0930000A.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0930000C.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0930000E.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300010.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kr skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300012.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300014.VBN Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300016.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300018.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0930001A.VBN Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C6C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C6C0001.VBN Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D340000.VBN Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D340001.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D340002.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D340003.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D340004.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D440000.VBN Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D440001.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D440003.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D440004.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D880000.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DDC0000.VBN Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E5C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\Harker\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe/data.rar/keygen.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe/data.rar/patch.exe Infected: Trojan.Win32.Dialer.qn skipped
C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe/data.rar/crack.exe Infected: Trojan-Dropper.Win32.Small.ayg skipped
C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe/data.rar Infected: Trojan-Dropper.Win32.Small.ayg skipped
C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe RarSFX: infected - 4 skipped
C:\Documents and Settings\Harker\keygen.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\Documents and Settings\Harker\Local Settings\Application Data\AOL OCP\AIM\Storage\All Users\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Application Data\AOL OCP\AIM\Storage\data\pinkpoofyllama\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\History\History.IE5\MSHist012007072220070723\index.dat Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Temp\Perflib_Perfdata_d94.dat Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Temp\~DF4FFD.tmp Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Temp\~DF5002.tmp Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Harker\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Harker\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Harker\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\awtttrp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\dtlmchqd.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\iifefda.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mthtujej.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\winjrs32.dll.vir Infected: Trojan.Win32.Dialer.qn skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{5D527826-05BD-4A83-8416-28ACDDA14001}\RP293\change.log Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{A1DF30C0-0670-4046-A013-52728DCED725}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

thedollyllama
2007-07-23, 06:56
Logfile of HijackThis v1.99.1
Scan saved at 8:56:14 PM, on 7/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Vista Start Menu\StartMenu.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Yod'm\Yodm3D.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Google\Google Desktop Search\gcdtmp4\GoogleDesktopSetupHelper.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\HJT\Scanner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\StartMenu.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Yodm3D] C:\Yod'm\Yodm3D.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,wbsys.dll KATRACK.DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe (file missing)
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe



Thanks

Markka
2007-07-23, 22:37
Hello :)


This is a big problem, right?
I think this isn't a big problem, because Kaspersky shows they are in quarantine.

Empty this folder:

C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine

Delete these files:

C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe
C:\Documents and Settings\Harker\keygen.exe

Delete this folder:

C:\QooBox
_________________________

Disable System Restore:
Right-click on the My Computer icon
Choose Properties
Click on the System Restore tab
Select Turn off System Restore
Click Apply and click OK
Reboot!

Enable System Restore:
Right-click on the My Computer icon
Choose Properties
Click on the System Restore tab
Uncheck Turn off System Restore
Click Apply and click OK
Reboot!
________________________

Your Java is out of date. Update your Java.

Instructions:

-> Go to Control Panel -> Add/Remove Programs
-> Find Java(s) in the list
-> Delete this Java version:
jre1.5.0_06
-> Please download a new Java from here (https://java.sun.com/javase/downloads/index.jsp) and install it.
-> The latest Java version is: Java Runtime Environment (JRE) 6u2
____________________

Re-run the Kaspersky online scanner!

Post:
- A fresh HijackThis log
- Kaspersky's report
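
Added example, not part of the original post: a Python triage of the Kaspersky report lines above that separates detections sitting inside a quarantine folder from detections on live files, which is the distinction the reply relies on. The function names and the `\Quarantine\` path heuristic are assumptions of this example; the sample lines are copied from the report posted in this thread.

```python
import re
from collections import defaultdict

# Lines copied from the Kaspersky Online Scanner report posted in this thread.
SAMPLE_REPORT = r"""
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09300002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kr skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C6C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe/data.rar/keygen.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe/data.rar/patch.exe Infected: Trojan.Win32.Dialer.qn skipped
C:\Documents and Settings\Harker\Desktop\osadobephotoshopcs2tryouttofullactivationkeygenoscaria.exe RarSFX: infected - 4 skipped
C:\Documents and Settings\Harker\keygen.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\Documents and Settings\Harker\NTUSER.DAT Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\awtttrp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\winjrs32.dll.vir Infected: Trojan.Win32.Dialer.qn skipped
"""

# One report line: <path> <status> <last action>. Paths contain spaces, so the
# path is matched lazily and the status/action are anchored to the line end.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?:(?P<locked>Object is locked)"
    r"|Infected: (?P<verdict>\S+)"
    r"|(?P<container>\w+: infected - \d+))"
    r"\s+(?P<action>\w+)$"
)


def quarantine_folder(path):
    """Return the quarantine directory a path lives under, or None.

    Assumption of this example: any directory literally named 'Quarantine'
    is a scanner's quarantine store (true for both folders in this report).
    """
    marker = "\\quarantine\\"
    idx = path.lower().find(marker)
    if idx == -1:
        return None
    return path[: idx + len(marker) - 1]


def on_disk_file(path):
    """The report writes archive members as container/member; keep the container."""
    return path.split("/", 1)[0]


def triage(report_text):
    """Group report lines into locked files, quarantined items and live detections."""
    result = {
        "locked": 0,                      # in-use files the scanner could not open
        "quarantined": defaultdict(set),  # quarantine folder -> detection names
        "live": defaultdict(set),         # file still on disk -> detection names
        "unparsed": [],                   # lines that did not fit the format
    }
    for raw in report_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            result["unparsed"].append(line)
            continue
        if m["locked"]:
            result["locked"] += 1
            continue
        folder = quarantine_folder(m["path"])
        bucket = (result["quarantined"][folder] if folder
                  else result["live"][on_disk_file(m["path"])])
        if m["verdict"]:  # container summary lines carry no detection name
            bucket.add(m["verdict"])
    return result


if __name__ == "__main__":
    r = triage(SAMPLE_REPORT)
    print(f"Locked (not detections): {r['locked']}")
    print("Already in quarantine:")
    for folder, names in sorted(r["quarantined"].items()):
        print(f"  {folder}: {', '.join(sorted(names))}")
    print("Detections on live files:")
    for path, names in sorted(r["live"].items()):
        print(f"  {path}: {', '.join(sorted(names))}")
```

On these lines the live list comes out as the two files the reply says to delete, and the quarantine list as the two folders it says to empty or remove.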

tashi
2007-07-30, 20:49
thedollyllama, still with us?

tashi
2007-08-07, 00:40
This topic has been archived due to lack of a response.

If you need it re-opened, please send me a private message (PM) and provide a link to the thread. This applies only to the original poster; anyone else with similar problems, please start a new topic.

Thank you Markka.