View Full Version : Bifrose.LA and Fake.Wget won't go away!
JenniferS
2006-11-02, 01:01
I got hit by several trojans and most have been cleaned up with spybot and AVG, but Bifrose.LA and Fake.Wget won't go away. I've tried fixing the problem several times but they always show up after restarting the computer. I've also read some of the old threads and tried one of the registry clears that was suggested, but this didn't work either. I need some help! Below is my hijackthis file let me know if you need anything else. Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 3:51:33 PM, on 11/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.soulfly.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
provided by Comcast
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program
Files\VideoKeyCodec\isaddon.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: Protection Bar - {1a29a79a-b9c8-44a9-bedf-7fadde3cf33f} - C:\Program
Files\VideoKeyCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.0\masqform.exe -UpdateCurrentUser
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common
Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [startkey] C:\WINDOWS\system32\Microsoft.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat
7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital
Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/
(file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/
(file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/
(file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) -
http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: contrabandists - {dfa61db1-388e-4c87-8d56-540fa229bcb4} - C:\WINDOWS\system32\dpfwu.dll
(file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive
Software\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program
Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner -
C:\WINDOWS\system32\UAService7.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
Hi JenniferS and welcome to Safer Networking Forums :)
You got some infections there...
Please download SmitfraudFix (http://siri.urz.free.fr/Fix/SmitfraudFix.zip) (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm (http://www.beyondlogic.org/consulting/processutil/processutil.htm)
NOTE: Do not run any other options from SmitfraudFix until I tell you to do so!
JenniferS
2006-11-03, 00:39
okay here it is
SmitFraudFix v2.118
Scan done at 15:39:07.08, Thu 11/02/2006
Run from C:\Documents and Settings\Jenny\Desktop\SmitFraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jenny
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jenny\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Jenny\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"
[HKEY_CLASSES_ROOT\CLSID\{dfa61db1-388e-4c87-8d56-540fa229bcb4}\InProcServer32]
@="C:\WINDOWS\system32\dpfwu.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{dfa61db1-388e-4c87-8d56-540fa229bcb4}\InProcServer32]
@="C:\WINDOWS\system32\dpfwu.dll"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
Hi again, we'll continue :)
You have Dell's MyWay (http://support.dell.com/support/topics/global.aspx/support/dsn/en/document?c=us&cs=19&l=en&s=dhs&dn=1091919) installed. If you do not use this, I'll recommend that you remove it. Removal instructions here (http://forums.us.dell.com/supportforums/board/message?board.id=si_virus&message.id=42328).
You should print these instructions or save these to a text file. Follow these instructions carefully.
Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
Install AVG Anti-Spyware by double clicking the installer.
Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
On the main screen under Your Computer's security.
Click on Change state next to Resident shield. It should now change to inactive.
Click on Change state next to Automatic updates. It should now change to inactive.
Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
Wait until you see the Update succesfull message.
Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.
AVG Anti-Spyware manual updates (http://www.ewido.net/en/download/updates/).
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.
Download ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1) by Atribune to your desktop.
Do NOT run yet.
==================
Run HijackThis, click Do a system scan only, and check the box next to each of these entries if still present. Close all other windows and press Fix checked. If something isn't there, please continue with the next entry in the list. Fix the blue entries too if you removed Dell's MyWay.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
Restart your computer to the safe mode:
Restart your computer
Start tapping the F8 key when the computer restarts.
When the start menu opens, choose Safe mode
Press Enter. The computer then begins to start in Safe mode.
Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".
The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt
Warning : running option #2 on a non infected computer will remove your Desktop background.
Restart to the safe mode again.
Run ATF Cleaner Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
Click on Scanner on the toolbar.
Click on the Settings tab.
Under How to act?
Click on Recommended Action and choose Quarantine from the popup menu.
Under How to scan?
All checkboxes should be ticked.
Under Possibly unwanted software:
All checkboxes should be ticked.
Under Reports:
Select Automatically generate report after every scan and uncheck Only if threats were found.
Under What to scan?
Select Scan every file.
Click on the Scan tab.
Click on Complete System Scan to start the scan process.
Let the program scan the machine.
When the scan has finished, follow the instructions below.
IMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
At the bottom of the window click on the Apply all Actions button. (3)
http://img509.imageshack.us/img509/4851/scanavgjk2.jpg
When done, click the Save Scan Report button. (4)
Click the Save Report as button.
Save the report to your Desktop.
Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Reboot in Normal Mode.
================
When you're ready, post the following logs to here:
- AVG's report
- a fresh HijackThis log
- contents of C:\Rapport.txt
JenniferS
2006-11-03, 23:22
Phew! Ok done.... This is coming in parts because the AVG file is too long.
1) I didn't remove Dell My Way because when I tried to find the files under the Control Panel Add/Remove Programs list, they were not there.
2) Running the smitfraudfix option 2 resulted in the removal of my desktop background so I guess it wasn't infected.
3) There were a couple of problems with the AVG anti-spyware scan. When I had Set all elements to Quarantine, it still tried to delete the majority of the files and encountered several errors while doing so. I've posted the results for everything below. Also, I noticed that the scan did not list Fake.Wget or Bifrose.La - not sure why.
JenniferS
2006-11-03, 23:24
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 2:02:34 PM 11/3/2006
+ Scan result:
HKU\S-1-5-21-1820492858-3169470672-972284890-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F} -> Adware.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP297\A0087887.dll -> Adware.ProtectionBar : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP297\A0087885.exe -> Adware.VirusBurster : Cleaned with backup (quarantined).
C:\Documents and Settings\Jenny\My Documents\My Videos\AVG Anti-Virus Professional 7.1.909+ key_Gen.zip/Crack.exe -> Backdoor.Agent.aga : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\Microsoft.exe -> Backdoor.Agent.aga : Cleaned with backup (quarantined).
:mozilla.698:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.247realmedia : Error during cleaning.
:mozilla.833:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.247realmedia : Error during cleaning.
:mozilla.871:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.247realmedia : Error during cleaning.
:mozilla.112:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.113:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.114:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.115:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.116:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.117:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.118:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.119:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.120:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.121:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.122:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.123:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.124:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.125:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.126:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.146:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.149:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.150:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.151:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.152:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.153:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.154:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.155:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.156:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.157:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.158:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.159:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.238:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.32:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.33:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.34:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.35:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.36:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.37:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.38:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.39:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.40:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.41:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.14:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Addynamix : Error during cleaning.
:mozilla.109:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Admarketplace : Error during cleaning.
:mozilla.247:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Admarketplace : Error during cleaning.
:mozilla.615:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.696:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.697:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.765:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.806:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.831:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.832:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.869:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.870:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.234:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.235:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.236:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.237:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.79:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.79:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.81:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.85:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.86:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.87:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.638:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.639:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.786:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.787:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.827:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.828:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.31:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.32:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.34:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.382:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.383:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.385:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.387:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.392:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.57:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.58:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.59:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.60:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.61:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.62:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.63:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.64:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.65:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.66:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.671:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.672:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.677:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.67:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.68:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.69:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.70:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.71:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.72:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
JenniferS
2006-11-03, 23:26
:mozilla.72:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.73:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.74:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.75:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.76:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.76:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.77:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.77:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.78:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.78:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.79:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.81:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.82:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.83:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.84:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.88:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.89:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.90:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.94:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.97:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.19:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Atdmt : Error during cleaning.
:mozilla.44:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.55:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Atdmt : Error during cleaning.
:mozilla.8:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Atdmt : Error during cleaning.
:mozilla.231:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Bluestreak : Error during cleaning.
:mozilla.91:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Bluestreak : Error during cleaning.
:mozilla.104:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Burstbeacon : Error during cleaning.
:mozilla.105:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Burstbeacon : Error during cleaning.
:mozilla.232:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Burstbeacon : Error during cleaning.
:mozilla.244:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Burstbeacon : Error during cleaning.
:mozilla.103:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Burstnet : Error during cleaning.
:mozilla.243:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Burstnet : Error during cleaning.
:mozilla.617:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Burstnet : Error during cleaning.
:mozilla.213:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.223:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.226:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.228:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.229:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.230:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.231:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.232:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.233:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.45:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.46:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.47:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.54:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.64:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.67:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.684:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.685:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.69:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.70:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.71:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.72:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.73:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.74:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.136:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Centrport : Error during cleaning.
:mozilla.265:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Centrport : Error during cleaning.
:mozilla.90:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.91:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.216:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.217:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.220:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.301:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.302:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.305:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.612:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.613:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.652:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.795:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.836:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.198:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Comclick : Error during cleaning.
:mozilla.199:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Comclick : Error during cleaning.
:mozilla.200:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Comclick : Error during cleaning.
:mozilla.293:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Comclick : Error during cleaning.
:mozilla.294:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Comclick : Error during cleaning.
:mozilla.295:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Comclick : Error during cleaning.
:mozilla.122:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Coremetrics : Error during cleaning.
:mozilla.171:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Coremetrics : Error during cleaning.
:mozilla.189:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Coremetrics : Error during cleaning.
:mozilla.23:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Coremetrics : Error during cleaning.
:mozilla.313:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Coremetrics : Error during cleaning.
:mozilla.7:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Coremetrics : Error during cleaning.
:mozilla.12:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Doubleclick : Error during cleaning.
:mozilla.14:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Doubleclick : Error during cleaning.
:mozilla.22:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.27:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Doubleclick : Error during cleaning.
:mozilla.314:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.378:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.584:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.663:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.713:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.741:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.782:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.806:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.843:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.846:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.86:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.881:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.214:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.215:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.216:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.217:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.55:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.56:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.57:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.58:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.16:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.17:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.19:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.25:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.27:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.28:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.29:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.550:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.551:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.75:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.80:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.83:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.84:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.85:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.96:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.185:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Gamershell : Error during cleaning.
:mozilla.402:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Gamershell : Error during cleaning.
:mozilla.463:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Gamershell : Error during cleaning.
:mozilla.174:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
JenniferS
2006-11-03, 23:30
:mozilla.175:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.176:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.210:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.211:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.212:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.213:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.265:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.298:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.299:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.300:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.339:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.412:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.424:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.433:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.440:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.493:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.607:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.612:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.652:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.657:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.666:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.709:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.678:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.679:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.680:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.681:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.816:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.817:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.818:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.819:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.856:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.857:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.858:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.859:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Hitslink : Error during cleaning.
:mozilla.415:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Ivwbox : Error during cleaning.
:mozilla.599:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Ivwbox : Error during cleaning.
:mozilla.644:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Ivwbox : Error during cleaning.
:mozilla.413:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Linksynergy : Error during cleaning.
:mozilla.414:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Linksynergy : Error during cleaning.
:mozilla.597:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Linksynergy : Error during cleaning.
:mozilla.598:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Linksynergy : Error during cleaning.
:mozilla.642:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Linksynergy : Error during cleaning.
:mozilla.643:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Linksynergy : Error during cleaning.
:mozilla.102:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.108:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.701:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.836:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.874:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.13:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.17:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.84:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.90:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.133:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.134:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.514:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.686:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.92:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.124:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.125:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.126:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.127:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.256:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.257:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.258:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.259:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.709:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.710:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.711:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.712:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.230:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.56:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.197:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Revenue : Error during cleaning.
:mozilla.87:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Revenue : Error during cleaning.
:mozilla.177:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Ru4 : Error during cleaning.
:mozilla.178:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Ru4 : Error during cleaning.
:mozilla.296:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.297:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.298:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.299:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.360:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.361:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.362:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.363:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.53:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.54:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.55:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.56:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.79:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.80:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.81:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.82:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.83:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.121:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.255:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.214:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.215:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.93:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.94:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.95:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.96:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.330:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Spylog : Error during cleaning.
:mozilla.39:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Spylog : Error during cleaning.
:mozilla.529:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Spylog : Error during cleaning.
:mozilla.332:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Starware : Error during cleaning.
:mozilla.333:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Starware : Error during cleaning.
:mozilla.259:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.260:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.305:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
JenniferS
2006-11-03, 23:30
:mozilla.333:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.334:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.238:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.239:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.240:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.241:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.91:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.92:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.93:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.95:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.111:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.112:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.309:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.48:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.49:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.80:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.81:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.82:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.277:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.283:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.483:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.489:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.541:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.547:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.181:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.184:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.284:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.285:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.320:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.321:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.384:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.385:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.94:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.95:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.109:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.12:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.13:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.191:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.192:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.193:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.194:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.195:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.196:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.197:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.198:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.199:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.286:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.31:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.32:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.33:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.34:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.350:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.354:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.35:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.360:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.369:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.36:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.374:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.375:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.379:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.37:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.381:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.384:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.386:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.38:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.39:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.405:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.550:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.555:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.564:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.568:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.569:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.572:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.574:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.590:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.601:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.605:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.609:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.613:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.614:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.617:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.619:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.635:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.643:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.644:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.649:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.656:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.657:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.658:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.791:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.792:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.799:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.800:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.801:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.832:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.833:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.840:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.841:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.304:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Yadro : Error during cleaning.
:mozilla.305:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Yadro : Error during cleaning.
:mozilla.368:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Yadro : Error during cleaning.
:mozilla.369:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Yadro : Error during cleaning.
:mozilla.63:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Yadro : Error during cleaning.
:mozilla.64:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Yadro : Error during cleaning.
:mozilla.218:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.219:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.220:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.221:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.38:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.39:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.40:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.41:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.42:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.43:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\nwkptpm7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.59:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.60:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.61:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.62:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.252:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.253:C:\Program Files\support.com\backup\Co\cookies.txt\84544_5bedf810a_/cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.326:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.327:C:\Program Files\support.com\backup\Co\cookies.txt\88747_5854831aa_/cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.77:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.78:C:\Program Files\support.com\backup\Co\cookies.txt\70054_52f5879e6_/cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
::Report end
Hi again :)
One or more of the identified infections is a backdoor trojan. This allows hackers to remotely control your computer, steal critical system information and Download and Execute files. If this system is used for online banking or has credit card information on it, all passwords should be changed immediately by using a different computer (not the infected one!) to make the changes. Banking and credit card institutions, if any, should be notified of the possible security breech. I suggest that you read this (http://www.dslreports.com/faq/10451) article too.
Then this:
C:\Documents and Settings\Jenny\My Documents\My Videos\AVG Anti-Virus Professional 7.1.909+ key_Gen.zip/Crack.exe -> Backdoor.Agent.aga : Cleaned with backup (quarantined).
It is illegal to use pirated software and as you can see, it gets you infected.
Then, please do the following...
To generate a HijackThis Startup list:
1. Open HijackThis by double-clicking the desktop shortcut or HijackThis.exe
2. Click on "Open the Misc Tools Section"
3. Make sure that both boxes to the right of "Generate StartupList Log" are checked:
* List also minor sections (Full)
* List empty sections (Complete)
4. Click "Generate StartupListLog"
5. Click "Yes" at the prompt.
6. A Notepad window will open with the contents of the HijackThis Startup list displayed
7. Copy & Paste that log to here
JenniferS
2006-11-05, 00:10
Thanks for your help. I actually downloaded the pirated AVG software in the middle of my computer being attacked by trojans. It was an attempt to clean my system because my normal software was not working and any online free software refused to function with my infections. Guess it just added to them. When can I access my financial account information on this computer? I actually don't have another computer so I would have to go to the library to do this.
Here are the results:
StartupList report, 11/4/2006, 3:06:30 PM
StartupList version: 1.52.2
Started from : C:\Program Files\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Jenny\Start Menu\Programs\Startup]
*No files*
Shell folders AltStartup:
*Folder not found*
User shell folders Startup:
*Folder not found*
User shell folders AltStartup:
*Folder not found*
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Shell folders Common AltStartup:
*Folder not found*
User shell folders Common Startup:
*Folder not found*
User shell folders Alternate Common Startup:
*Folder not found*
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /installquiet
BCMSMMSG = BCMSMMSG.exe
SynTPLpr = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
dla = C:\WINDOWS\system32\dla\tfswctrl.exe
Dell QuickSet = C:\Program Files\Dell\QuickSet\quickset.exe
PCMService = "C:\Program Files\Dell\Media Experience\PCMService.exe"
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MSMSGS = "C:\Program Files\Messenger\MSMSGS.EXE" /background
googletalk = "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
DellSupport = "C:\Program Files\Dell Support\DSAgnt.exe" /startup
swg = C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
LDM = \Program\BackWeb-8876480.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
*No values found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
(Default) = "%1" /S
--------------------------------------------------
File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
--------------------------------------------------
Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
[{4b218e3e-bc98-4770-93d3-2731b9329278}] *
StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll
[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe
[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install
[{9B71D88C-C598-4935-C5D1-43AA4DB90836}] *
StubPath = C:\WINDOWS\system32\Microsoft.exe s
--------------------------------------------------
Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps
*Registry key not found*
--------------------------------------------------
Load/Run keys from C:\WINDOWS\WIN.INI:
load=*INI section not found*
run=*INI section not found*
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\NIKONS~4.SCR
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Checking for EXPLORER.EXE instances:
C:\WINDOWS\Explorer.exe: PRESENT!
C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present
--------------------------------------------------
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
--------------------------------------------------
JenniferS
2006-11-05, 00:12
Verifying REGEDIT.EXE integrity:
- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'
Registry check passed
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\WINDOWS\system32\dla\tfswshx.dll - {5CA3D70E-1895-11CF-8E15-001234567890}
(no name) - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
--------------------------------------------------
Enumerating Task Scheduler jobs:
AppleSoftwareUpdate.job
ISP signup reminder 1.job
--------------------------------------------------
Enumerating Download Program Files:
[Checkers Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
[Java Plug-in]
InProcServer32 = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
[ZoneAxRcMgr Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZAxRcMgr.ocx
CODEBASE = http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
[{9F1C11AA-197B-4942-BA54-47A8489BB47F}]
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38140.6694675926
[Java Plug-in]
InProcServer32 = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
[Java Plug-in 1.5.0_06]
InProcServer32 = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
--------------------------------------------------
Enumerating Windows NT/2000/XP services
abp480n5: \SystemRoot\System32\DRIVERS\ABP480N5.SYS (disabled)
Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
adpu160m: \SystemRoot\System32\DRIVERS\adpu160m.sys (disabled)
ADSFilter - (Aluria Filter Driver): system32\DRIVERS\ADSFilter.sys (manual start)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (system)
Intel AGP Bus Filter: System32\DRIVERS\agp440.sys (system)
Compaq AGP Bus Filter: \SystemRoot\System32\DRIVERS\agpCPQ.sys (disabled)
Aha154x: \SystemRoot\System32\DRIVERS\aha154x.sys (disabled)
aic78u2: \SystemRoot\System32\DRIVERS\aic78u2.sys (disabled)
aic78xx: \SystemRoot\System32\DRIVERS\aic78xx.sys (disabled)
Alerter: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
AliIde: \SystemRoot\System32\DRIVERS\aliide.sys (disabled)
ALI AGP Bus Filter: \SystemRoot\System32\DRIVERS\alim1541.sys (disabled)
AMD AGP Bus Filter Driver: \SystemRoot\System32\DRIVERS\amdagp.sys (disabled)
amsint: \SystemRoot\System32\DRIVERS\amsint.sys (disabled)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394 ARP Client Protocol: System32\DRIVERS\arp1394.sys (manual start)
asc: \SystemRoot\System32\DRIVERS\asc.sys (disabled)
asc3350p: \SystemRoot\System32\DRIVERS\asc3350p.sys (disabled)
asc3550: \SystemRoot\System32\DRIVERS\asc3550.sys (disabled)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)
RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
Standard IDE/ESDI Hard Disk Controller: System32\DRIVERS\atapi.sys (system)
ATM ARP Client Protocol: System32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system)
AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart)
AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system)
BASFND: \??\C:\WINDOWS\system32\Drivers\BASFND.sys (autostart)
Dell Wireless WLAN Card Driver: System32\DRIVERS\bcmwl5.sys (manual start)
Broadcom 440x 10/100 Integrated Controller XP Driver: System32\DRIVERS\bcm4sbxp.sys (manual start)
BCM V.92 56K Modem: System32\DRIVERS\BCMSM.sys (manual start)
Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
cbidf: \SystemRoot\System32\DRIVERS\cbidf2k.sys (disabled)
Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
cd20xrnt: \SystemRoot\System32\DRIVERS\cd20xrnt.sys (disabled)
CD-ROM Driver: System32\DRIVERS\cdrom.sys (system)
Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
Microsoft ACPI Control Method Battery Driver: System32\DRIVERS\CmBatt.sys (manual start)
CmdIde: \SystemRoot\System32\DRIVERS\cmdide.sys (disabled)
Microsoft Composite Battery Driver: System32\DRIVERS\compbatt.sys (system)
COM+ System Application: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cpqarray: \SystemRoot\System32\DRIVERS\cpqarray.sys (disabled)
Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Cisco Systems VPN Adapter: system32\DRIVERS\CVirtA.sys (manual start)
dac2w2k: \SystemRoot\System32\DRIVERS\dac2w2k.sys (disabled)
dac960nt: \SystemRoot\System32\DRIVERS\dac960nt.sys (disabled)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Disk Driver: System32\DRIVERS\disk.sys (system)
Diskeeper: C:\Program Files\Executive Software\Diskeeper\DkService.exe (autostart)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
dpti2o: \SystemRoot\System32\DRIVERS\dpti2o.sys (disabled)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
drvmcdb: system32\drivers\drvmcdb.sys (system)
drvnddm: system32\drivers\drvnddm.sys (autostart)
3Com EtherLink XL 90XB/C Adapter Driver: System32\DRIVERS\el90xbc5.sys (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Event Log: %SystemRoot%\system32\services.exe (autostart)
COM+ Event System: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Floppy Disk Controller Driver: System32\DRIVERS\fdc.sys (manual start)
Floppy Disk Driver: System32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Volume Manager Driver: System32\DRIVERS\ftdisk.sys (system)
GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start)
Generic Packet Classifier: System32\DRIVERS\msgpc.sys (manual start)
Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft HID Class Driver: System32\DRIVERS\hidusb.sys (manual start)
hpn: \SystemRoot\System32\DRIVERS\hpn.sys (disabled)
IEEE-1284.4 Driver HPZid412: system32\DRIVERS\HPZid412.sys (manual start)
Print Class Driver for IEEE-1284.4 HPZipr12: system32\DRIVERS\HPZipr12.sys (manual start)
USB to IEEE-1284.4 Translation Driver HPZius12: system32\DRIVERS\HPZius12.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i2omp: \SystemRoot\System32\DRIVERS\i2omp.sys (disabled)
i8042 Keyboard and PS/2 Mouse Port Driver: System32\DRIVERS\i8042prt.sys (system)
i81x: System32\DRIVERS\i81xnt5.sys (manual start)
iAimFP0: System32\DRIVERS\wADV01nt.sys (manual start)
iAimFP1: System32\DRIVERS\wADV02NT.sys (manual start)
iAimFP2: System32\DRIVERS\wADV05NT.sys (manual start)
iAimFP3: System32\DRIVERS\wSiINTxx.sys (manual start)
iAimFP4: System32\DRIVERS\wVchNTxx.sys (manual start)
iAimTV0: System32\DRIVERS\wATV01nt.sys (manual start)
iAimTV1: System32\DRIVERS\wATV02NT.sys (manual start)
iAimTV2: System32\DRIVERS\wATV03nt.sys (manual start)
iAimTV3: System32\DRIVERS\wATV04nt.sys (manual start)
iAimTV4: System32\DRIVERS\wCh7xxNT.sys (manual start)
InstallDriver Table Manager: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start)
CD-Burning Filter Driver: System32\DRIVERS\imapi.sys (system)
IMAPI CD-Burning COM Service: C:\WINDOWS\System32\imapi.exe (manual start)
ini910u: \SystemRoot\System32\DRIVERS\ini910u.sys (disabled)
IntelIde: System32\DRIVERS\intelide.sys (system)
Intel Processor Driver: System32\DRIVERS\intelppm.sys (system)
IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
iPod Service: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
IPSEC driver: System32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: System32\DRIVERS\isapnp.sys (system)
Keyboard Class Driver: System32\DRIVERS\kbdclass.sys (system)
Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
JenniferS
2006-11-05, 00:12
AEGIS Protocol (IEEE 802.1x) v2.3.1.7: System32\DRIVERS\mdc8021x.sys (autostart)
Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" (autostart)
Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
NetMeeting Remote Desktop Sharing: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Mouse Class Driver: System32\DRIVERS\mouclass.sys (system)
Mouse HID Driver: System32\DRIVERS\mouhid.sys (manual start)
mraid35x: \SystemRoot\System32\DRIVERS\mraid35x.sys (disabled)
WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: System32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: System32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: System32\DRIVERS\netbios.sys (system)
NetBios over Tcpip: System32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (disabled)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Net Logon: %SystemRoot%\System32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
1394 Net Driver: System32\DRIVERS\nic1394.sys (manual start)
Network Location Awareness (NLA): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nv: System32\DRIVERS\nv4_mini.sys (manual start)
NVIDIA NDIS IO Control Driver: \??\C:\WINDOWS\system32\Drivers\NvNdis.sys (autostart)
NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart)
IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
Texas Instruments OHCI Compliant IEEE 1394 Host Controller: System32\DRIVERS\ohci1394.sys (system)
OMCI WDM Device Driver: System32\DRIVERS\omci.sys (system)
Office Source Engine: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
Intel PentiumIII Processor Driver: System32\DRIVERS\p3.sys (system)
Parallel port driver: System32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Pcmcia: System32\DRIVERS\pcmcia.sys (system)
perc2: \SystemRoot\System32\DRIVERS\perc2.sys (disabled)
perc2hib: \SystemRoot\System32\DRIVERS\perc2hib.sys (disabled)
Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (manual start)
IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Processor Driver: System32\DRIVERS\processr.sys (system)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
QoS Packet Scheduler: System32\DRIVERS\psched.sys (manual start)
Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
Logitech QuickCam Communicate: system32\DRIVERS\LVCM.sys (manual start)
ql1080: \SystemRoot\System32\DRIVERS\ql1080.sys (disabled)
Ql10wnt: \SystemRoot\System32\DRIVERS\ql10wnt.sys (disabled)
ql12160: \SystemRoot\System32\DRIVERS\ql12160.sys (disabled)
ql1240: \SystemRoot\System32\DRIVERS\ql1240.sys (disabled)
ql1280: \SystemRoot\System32\DRIVERS\ql1280.sys (disabled)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: System32\DRIVERS\rdpdr.sys (manual start)
Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: System32\DRIVERS\secdrv.sys (manual start)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: System32\DRIVERS\serenum.sys (manual start)
Serial port driver: System32\DRIVERS\serial.sys (system)
Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SIS AGP Bus Filter: \SystemRoot\System32\DRIVERS\sisagp.sys (disabled)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Sparrow: \SystemRoot\System32\DRIVERS\sparrow.sys (disabled)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
System Restore Filter Driver: System32\DRIVERS\sr.sys (system)
System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Srv: System32\DRIVERS\srv.sys (manual start)
sscdbhk5: system32\drivers\sscdbhk5.sys (system)
SSDP Discovery Service: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
ssrtln: system32\drivers\ssrtln.sys (system)
Audio Driver (WDM) - SigmaTel CODEC: system32\drivers\STAC97.sys (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Software Bus Driver: System32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{261FF5D6-55B3-4D28-8348-7DBC93E219F0} (manual start)
symc810: \SystemRoot\System32\DRIVERS\symc810.sys (disabled)
symc8xx: \SystemRoot\System32\DRIVERS\symc8xx.sys (disabled)
sym_hi: \SystemRoot\System32\DRIVERS\sym_hi.sys (disabled)
sym_u3: \SystemRoot\System32\DRIVERS\sym_u3.sys (disabled)
Synaptics TouchPad Driver: System32\DRIVERS\SynTP.sys (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP Protocol Driver: System32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: System32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
tfsnboio: system32\dla\tfsnboio.sys (autostart)
tfsncofs: system32\dla\tfsncofs.sys (autostart)
tfsndrct: system32\dla\tfsndrct.sys (autostart)
tfsndres: system32\dla\tfsndres.sys (autostart)
tfsnifs: system32\dla\tfsnifs.sys (autostart)
tfsnopio: system32\dla\tfsnopio.sys (autostart)
tfsnpool: system32\dla\tfsnpool.sys (autostart)
tfsnudf: system32\dla\tfsnudf.sys (autostart)
tfsnudfa: system32\dla\tfsnudfa.sys (autostart)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\System32\tlntsvr.exe (disabled)
tmcomm: \??\C:\WINDOWS\system32\drivers\tmcomm.sys (autostart)
TosIde: \SystemRoot\System32\DRIVERS\toside.sys (disabled)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
ultra: \SystemRoot\System32\DRIVERS\ultra.sys (disabled)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
Microcode Update Driver: System32\DRIVERS\update.sys (manual start)
Universal Plug and Play Device Host: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
USB Audio Driver (WDM): system32\drivers\usbaudio.sys (manual start)
Microsoft USB Generic Parent Driver: System32\DRIVERS\usbccgp.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: System32\DRIVERS\usbehci.sys (manual start)
USB2 Enabled Hub: System32\DRIVERS\usbhub.sys (manual start)
Microsoft USB PRINTER Class: System32\DRIVERS\usbprint.sys (manual start)
USB Scanner Driver: System32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: System32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: System32\DRIVERS\usbuhci.sys (manual start)
USB Remote NDIS Network Device Driver: System32\DRIVERS\usb8023.sys (manual start)
SecuROM User Access Service (V7): C:\WINDOWS\system32\UAService7.exe (autostart)
VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP Bus Filter: \SystemRoot\System32\DRIVERS\viaagp.sys (disabled)
ViaIde: \SystemRoot\System32\DRIVERS\viaide.sys (disabled)
vsdatant: \??\C:\WINDOWS\system32\vsdatant.sys (manual start)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
WAN Miniport (ATW): System32\DRIVERS\wanatw4.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
WLTRYSVC: %SystemRoot%\System32\WLTRYSVC.EXE %SystemRoot%\System32\bcmwltry.exe (autostart)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI Performance Adapter: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*No values found*
--------------------------------------------------
End of report, 40,589 bytes
Report generated in 0.331 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Hi again, it is looking quite good now :)
Open Notepad (NOT WORDPAD!) and copy the following lines from the quote box below into a new document, leaving a blank line at the end. (don't forget to copy and paste the word REGEDIT4) :
REGEDIT4
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}]
Make sure there are NO blank lines before REGEDIT4
Make sure there IS one blank line at the end of the file.
Save the document to your desktop as Fix.reg and filetype: All Files
Go to your desktop and double click on the file to run Fix.reg and when it asks you if you want to merge the contents to the registry, click yes/ok.
Then you seem to have removed the AVG Antivirus. Now we need to get you protected.
You don't seem to a firewall (http://forum.malwareremoval.com/viewtopic.php?p=56#56) running, you must install one firewall.
NOTE: If you're using Windows XP firewall, I recommend that you install a better firewall. Windows firewall doesn't really provide enough protection.
Disable Windows firewall after installing a new firewall.
These are good (free) firewalls: Sunbelt-Kerio (http://www.sunbelt-software.com/Kerio.cfm)
ZoneAlarm (http://www.zonelabs.com/)
Sygate (http://http://www.majorgeeks.com/download.php?det=3356)
Outpost (http://www.majorgeeks.com/download.php?det=1056)
You don't have an antivirus (http://forum.malwareremoval.com/viewtopic.php?p=53#53) on your computer, you must install one antivirus. Otherwise you'll get infected again.
These are good (free) antiviruses: AVG (http://free.grisoft.com)
Antivir (http://www.free-av.com)
Avast (http://www.avast.com)
Then we'll run a one more scanner just in case:
Please do an online scan with Kaspersky WebScanner (http://www.kaspersky.com/virusscanner)
Click on Kaspersky Online Scanner
You will be promted to install an ActiveX component from Kaspersky, Click Yes.
The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now click on Scan Settings
In the scan settings make that the following are selected:
Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)
Scan Options:
Scan Archives
Scan Mail Bases
Click OK
Now under select a target to scan:Select My Computer
This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button:
Save the file to your desktop.
Copy and paste that information in your next post along with a fresh HijackThis log
JenniferS
2006-11-07, 02:24
Ok well Spybot and AVG antispyware scans do not show any infections but when I ran Kasperski I found some....Here is the report.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, November 06, 2006 5:20:08 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 6/11/2006
Kaspersky Anti-Virus database records: 238677
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
Scan Statistics:
Total number of scanned objects: 79990
Number of viruses found: 2
Number of infected objects: 3 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:03:32
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Support.com\profiles\Jenny\triggers.log Object is locked skipped
C:\Documents and Settings\Jenny\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
C:\Documents and Settings\Jenny\Application Data\Mozilla\Firefox\Profiles\nit9c9ah.default\cert8.db Object is locked skipped
C:\Documents and Settings\Jenny\Application Data\Mozilla\Firefox\Profiles\nit9c9ah.default\history.dat Object is locked skipped
C:\Documents and Settings\Jenny\Application Data\Mozilla\Firefox\Profiles\nit9c9ah.default\key3.db Object is locked skipped
C:\Documents and Settings\Jenny\Application Data\Mozilla\Firefox\Profiles\nit9c9ah.default\parent.lock Object is locked skipped
C:\Documents and Settings\Jenny\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Application Data\ApplicationHistory\NotifyAlert.exe.83a8f8c0.ini.inuse Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Application Data\Mozilla\Firefox\Profiles\nit9c9ah.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Application Data\Mozilla\Firefox\Profiles\nit9c9ah.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Application Data\Mozilla\Firefox\Profiles\nit9c9ah.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Application Data\Mozilla\Firefox\Profiles\nit9c9ah.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Temp\Perflib_Perfdata_374.dat Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Temp\Perflib_Perfdata_56c.dat Object is locked skipped
C:\Documents and Settings\Jenny\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jenny\ntuser.dat Object is locked skipped
C:\Documents and Settings\Jenny\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped
C:\RECYCLER\S-1-5-21-1820492858-3169470672-972284890-1008\Dc41\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP283\A0084863.dll Infected: not-a-virus:AdTool.Win32.WhenU.i skipped
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP283\A0084864.exe Infected: not-a-virus:AdTool.Win32.WhenU.i skipped
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP307\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Here is the Hijack This report:
Logfile of HijackThis v1.99.1
Scan saved at 5:23:40 PM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.0\masqform.exe -UpdateCurrentUser
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
Hi again, it is looking clean now :)
How is the computer running ?
The infections were inside the system restore. This can be easily cleaned, see more info from the end of my message.
You can fix the following leftovers with HijackThis:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
Now you can clean AVG's Quarantine:
Open AVG Anti-Spyware
Click Infections
Click Quarantine tab
Click Select all
Click Remove finally
Close the program
You can remove the tools that we used.
Then you should update your Java to the latest version (5.0 update 9) Start
Control Panel
Add/Remove Programs
Delete the old Java, J2SE Runtime Environment 5.0 Update 6
Then we'll get the latest version of Java -> LINK (https://java.sun.com/javase/downloads/index.jsp)
Scroll down to Java Runtime Environment (JRE) 5.0 Update 9
Download & install it
Now you can make your hidden files hidden again.
Go to My Computer
Select the Tools menu and click Folder Options
Click the View tab.
Checkmark the "Display the contents of system folders"
Under the Hidden files and folders select "Show hidden files and folders"
Check "Hide protected operating system files"
Click Apply and then the OK and close My Computer.
=============
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
Clear your system restore (http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx)
This will clear the system restore folders from possible malware that was left behind during the cleaning process.
Use ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1)
Download and install ATF Cleaner. Clean your temporary files & folders with it regularly.
Use Ad-Aware (http://www.bleepingcomputer.com/forums/?showtutorial=48)
Download and install Ad-Aware. Update it and scan your computer regularly with it.
Use AVG Anti-Spyware (http://www.ewido.net/en/)
Update it and scan your computer regularly with it.
Use Spybot S&D (http://www.bleepingcomputer.com/forums/?showtutorial=43)
Download and install Spybot S&D. Update it and scan your computer regularly with it.
Install SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html)
SpywareBlaster will prevent spyware from being installed.
Install MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm)
This prevents your computer from connecting to harmful sites.
Use Firefox browser (http://www.mozilla.org)
Firefox is faster, safer and better browser than Internet Explorer.
Keep your systen up-to-date (http://windowsupdate.microsoft.com)
Visit Windows Update regularly.
Keep your antivirus and firewall up-to-date
Scan your computer regularly with your antivirus.
Read this article by TonyKlein (http://castlecops.com/postlite7736-.html)
So how did I get infected in the first place?
Stand Up and Be Counted ! (http://www.malwarecomplaints.info/index.php)
The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.
Stay clean and be safe ;)