View Full Version : Infected Files inTemp Folder.
anujsaraf
2006-12-23, 21:26
Every day files with weird names such as 11exjins.v.exe or 93exssd.v.exe keep showing up in my temp folder along with some image files (that never appear on the pages that I visit). I use AVG Free edition along with Bit Defender (as a secondary anitvirus). AVG normally ignores these files but Bit Defender reported some of them as Infected Generic spammer. I have also scanned with Spybot and Adaware but both of them show no infetions except for some tracking cookies.
These files start appearing on my Task manager as soon i switch on my internet. Plus Multiple instances of IE appear on my proccess list even when I m not using it(I use Opera And Firefox). I recently installed Spyware blaster but it has been of no help.
Here is the HJT log.
Logfile of HijackThis v1.99.1
Scan saved at 1:13:25 AM, on 12/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\program files\softwin\bitdefender8\bdswitch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum Suite\UIWatcher.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
C:\Program Files\OPERA\Opera.exe
C:\Documents and Settings\Ankur\Desktop\downloaded programs\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Ankur\LOCALS~1\Temp\90exym.4.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Ankur\LOCALS~1\Temp\60exinjs.v.exe
C:\DOCUME~1\Ankur\LOCALS~1\Temp\90exmodul32f.n.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] c:\program files\softwin\bitdefender8\bdswitch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum Suite\UIWatcher.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {0188E17F-B180-48A6-B199-055C219601B5} (DV_GistFontResourcesforWeb Control) - http://203.199.16.205/msd/IE/cab/DVData.CAB
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {E85FDB2D-2819-11D4-A59A-00600891E126} (IPlugin Control) - http://203.199.16.205/msd/IE/cab/iPlugin.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{73CC04E0-D25D-4932-9E99-8EC2BD8878A6}: NameServer = 172.168.200.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A4129D7-AB9E-4C2C-8E79-E190FB8C3137}: NameServer = 172.168.200.1
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Here is the bit defender summary of a test on the temp folder.
Summary:
C:\Documents and Settings\Ankur\Local Settings\Temp\11exinjs.v.exe Infected Backdoor.Agent.KS
C:\Documents and Settings\Ankur\Local Settings\Temp\11exinjs.v.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\14exssd32.x.exe Infected Generic.Spammer.C1C37BA0
C:\Documents and Settings\Ankur\Local Settings\Temp\14exssd32.x.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\18exmodul32f.n.exe Infected Generic.Spammer.55056CD1
C:\Documents and Settings\Ankur\Local Settings\Temp\18exmodul32f.n.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\22exmodul32f.n.exe Infected Generic.Spammer.55056CD1
C:\Documents and Settings\Ankur\Local Settings\Temp\22exmodul32f.n.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\23exinjs.v.exe Infected Backdoor.Agent.KS
C:\Documents and Settings\Ankur\Local Settings\Temp\23exinjs.v.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\27exinjs.v.exe Infected Backdoor.Agent.KS
C:\Documents and Settings\Ankur\Local Settings\Temp\27exinjs.v.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\33exssd32.x.exe Infected Generic.Spammer.C1C37BA0
C:\Documents and Settings\Ankur\Local Settings\Temp\33exssd32.x.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\40exmodul32f.n.exe Infected Generic.Spammer.55056CD1
C:\Documents and Settings\Ankur\Local Settings\Temp\40exmodul32f.n.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\45exinjs.v.exe Infected Backdoor.Agent.KS
C:\Documents and Settings\Ankur\Local Settings\Temp\45exinjs.v.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\60exinjs.v.exe Infected Backdoor.Agent.KS
C:\Documents and Settings\Ankur\Local Settings\Temp\60exinjs.v.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\73exinjs.v.exe Infected Backdoor.Agent.KS
C:\Documents and Settings\Ankur\Local Settings\Temp\73exinjs.v.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\77exssd32.x.exe Infected Generic.Spammer.C1C37BA0
C:\Documents and Settings\Ankur\Local Settings\Temp\77exssd32.x.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\81exinjs.v.exe Infected Backdoor.Agent.KS
C:\Documents and Settings\Ankur\Local Settings\Temp\81exinjs.v.exe Deleted
C:\Documents and Settings\Ankur\Local Settings\Temp\91exinjs.v.exe Infected Backdoor.Agent.KS
C:\Documents and Settings\Ankur\Local Settings\Temp\91exinjs.v.exe Deleted
Bit defender found no problems with the following files.
C:\Documents and Settings\Ankur\Local Settings\Temp\21exhdd.u.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\16exym.4.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\27exym.4.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\30exym.4.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\34exym.4.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\36exym.4.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\42exhdd.u.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\42exym.4.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\46exssd32.v.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\51exym.4.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\65exym.4.exe OKC:\Documents and Settings\Ankur\Local Settings\Temp\81exym.4.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\83exmodul32f.l.exe OK
C:\Documents and Settings\Ankur\Local Settings\Temp\8A56EAB7.TMP OK
C:\Documents and Settings\Ankur\Local Settings\Temp\90exssd32.v.exe OK
I know I m interupting the holiday season but please help me if u can.
pskelley
2006-12-24, 13:29
Welcome to the forum, some information for you first.
1) It is ok to run a online scan to double check your antivirus program, b ut it is very bad policy to have two or more active antivirus programs running at the same time. Here is information from Symantec, Microsoft and others:
You are running two antivirus programs at the same time and this is not a good thing. They conflict with each other and you will be less safe than if you ran one good program and maintained it properly.
http://service1.symantec.com/SUPPORT/nav.nsf/docid/2000031316555206
"Microsoft recommends that you have only one anti-virus program installed on your computer."
http://www.washingtonpost.com/wp-dyn/content/article/2005/12/03/AR2005120300087.html
Uninstall one of those antivirus programs.
2) SpywareBlaster is a very good freeware program, but it does not remove anything, rather stops the junk before it can get on your computer. You should have had it in place before the infection, though I doubt it would have stopped this backdoor trojan. Here is a tutorial to help you benefit from the program in the future:
http://www.bleepingcomputer.com/tutorials/tutorial49.html
3) Do you own this program: C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum Suite\UIWatcher.exe
if not I suggest you uninstall it.
4) Your Java program is out of date, see this information:
http://forums.spybot.info/showpost.php?p=12880&postcount=2
download the newest version and uninstall all old version in Add Remove programs.
5) Thanks to andymanchesta and anyone else who helped with the fix.
Download SDFix (http://downloads.andymanchesta.com/RemovalTools/SDFix.exe) and save it to your Desktop.
Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.
Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
Finally copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log
(hold those reports and logs until we finish)
6) How to make files and folders visible:
Click Start > Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Click OK.
7) Please download ATF Cleaner by Atribune
http://www.atribune.org/content/view/25/2/
Save it to your Desktop. We will use this later.
8) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
(may be gone)
O16 - DPF: {E85FDB2D-2819-11D4-A59A-00600891E126} (IPlugin Control) - http://203.199.16.205/msd/IE/cab/iPlugin.CAB
(if you are positive this is safe, you can leave it)
Close all programs but HJT and all browser windows, then click on "Fix Checked"
9) RIGHT Click on Start then click on Explore. Locate and delete these items:
(what I want you to do here is navigate to that Temp folder and delete everything in it...NOT THE FOLDER)
C:\DOCUMENTS & SETTINGS~1\Ankur\LOCALS~1\Temp\90exym.4.exe
C:\DOCUMENTS & SETTINGS~1\Ankur\LOCALS~1\Temp\60exinjs.v.exe
C:\DOCUMENTS & SETTINGS~1\Ankur\LOCALS~1\Temp\90exmodul32f.n.exe
10) Run ATF Cleaner
Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.
Restart the computer and post the Report.txt from SDFix and a new HJT log. Let me know how the computer is running now.
Thanks
anujsaraf
2006-12-25, 22:12
Thanks for that prompt reply. I followed up the given links and did the necessary things. Here is what i did
1) I did not uninstall any one of the Antivirus as the free edition of BitDefender does not offer real time scanning. I use it only as an OnDemand scannner. And I switch off the real time protection and the windows shell protection of the AVG whenever I use BitDefender .
I did try online scans but slow internet speeds make it a long drawn process.
So should I uninstall BitDefender???
2) The latest update available for java was JRE v5 update 10. I downloaded and installed it. Is it enough or should I download some other version???
3) I followed the given procedure with SDFix and the aTF Cleaner. As u said the smss.exe file from system foler disappeared aftr the SDFix scan. The second file that u suspected was part of my uninstaller application(Ashampoo). I deleted the third file using HJT. Here r the SDFix and the HJT logs.
Stage Two - Normal Mode
Checking For Malware:
--------------------
C:\WINDOWS\system\smss.exe
Backing Up and Removing any Files Found...
Alternate Stream Check:
C:\WINDOWS\system32
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\phonewalared\\phonewalared.exe"="C:\\Program Files\\phonewalared\\phonewalared.exe:*:Enabled:Net2Phone CommCenter Client GUI Module"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"F:\\Program Files\\Skype\\Phone\\Skype.exe"="F:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\eLitecore\\Cyberoam Client for 24Online\\CyberoamClient.exe"="C:\\Program Files\\eLitecore\\Cyberoam Client for 24Online\\CyberoamClient.exe:*:Enabled:24Online Client"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"="C:\\Program Files\\QuickTime\\QuickTimePlayer.exe:*:Enabled:QuickTime Player"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Documents and Settings\\Ankur\\Local Settings\\Temp\\Rar$EX00.511\\ipmsg.exe"="C:\\Documents and Settings\\Ankur\\Local Settings\\Temp\\Rar$EX00.511\\ipmsg.exe:*:Enabled:IPMsg English"
"C:\\Documents and Settings\\Ankur\\Desktop\\ipmsg.exe"="C:\\Documents and Settings\\Ankur\\Desktop\\ipmsg.exe:*:Enabled:IPMsg English"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\79exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\79exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\93exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\93exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\38exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\38exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\88exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\88exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\64exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\64exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\5exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\5exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\14exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\14exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\18exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\18exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\75exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\75exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\41exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\41exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\9exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\9exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\17exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\17exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\32exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\32exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\80exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\80exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\10exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\10exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\49exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\49exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\8exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\8exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\45exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\45exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\59exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\59exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\69exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\69exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\40exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\40exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\52exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\52exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\53exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\53exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\85exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\85exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\27exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\27exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\39exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\39exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\3exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\3exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\70exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\70exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\60exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\60exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\72exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\72exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\34exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\34exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\87exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\87exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\47exmodul32d.3.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\47exmodul32d.3.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\55exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\55exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\34exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\34exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\28exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\28exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\19exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\19exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\60exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\60exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\18exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\18exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\70exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\70exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\95exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\95exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\84exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\84exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\85exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\85exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\99exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\99exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\71exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\71exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\20exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\20exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\8exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\8exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\15exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\15exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\98exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\98exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\83exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\83exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\73exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\73exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\47exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\47exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\45exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\45exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\80exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\80exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\14exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\14exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\46exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\46exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\69exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\69exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\96exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\96exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\81exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\81exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\41exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\41exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\52exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\52exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\5exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\5exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\75exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\75exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\67exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\67exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\39exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\39exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\29exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\29exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\56exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\56exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\25exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\25exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\51exmodul32d.4.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\51exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\38exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\38exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\66exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\66exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\8exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\8exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\90exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\90exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\62exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\62exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\96exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\96exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\61exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\61exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\85exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\85exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\16exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\16exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\73exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\73exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\40exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\40exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\18exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\18exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\75exmodul32d.6.exe"="C:\\DOCUME~1\\Ankur\\LOCALS~1\\Temp\\75exmodul32d.6.exe:*:Enabled:Microsoft Update"
pskelley
2006-12-25, 22:20
Please make sure you do not have "Word Wrap" enabled under Format in Notepad.
I need a new HJT log to see how we did.
Restart the computer and post the Report.txt from SDFix and a new HJT log. Let me know how the computer is running now.
Thanks
anujsaraf
2006-12-25, 22:23
There were around two hundred(with weird names) more files in the SDFix report. Here is the remaining part of teh report excliding those files.
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Documents and Settings\\Ankur\\Local Settings\\Temp\\98exmodul32f.b.exe"="C:\\Documents and Settings\\Ankur\\Local Settings\\Temp\\98exmodul32f.b.exe:*:Enabled:Microsoft Update"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
Remaining Files:
---------------
Backups Folder: - C:\DOCUME~1\Ankur\Desktop\DOWNLO~1\SDFix\SDFix\backups\backups.zip
Checking for files with Hidden Attributes:
C:\Documents and Settings\Ankur\My Documents\Downloaded Programs\Office XP\MSDE2000\SQLRESLD.DLL
C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\hiberfil.sys
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\RECYCLER\S-1-5-21-1708537768-1606980848-1957994488-1005\Dc2494.TMP
C:\RECYCLER\S-1-5-21-1708537768-1606980848-1957994488-1005\Dc2495.TMP
C:\RECYCLER\S-1-5-21-1708537768-1606980848-1957994488-1005\Dc2496.TMP
C:\RECYCLER\S-1-5-21-1708537768-1606980848-1957994488-1005\Dc2513.tmp
C:\RECYCLER\S-1-5-21-1708537768-1606980848-1957994488-1005\Dc2514.tmp
here is the HJT log
Logfile of HijackThis v1.99.1
Scan saved at 1:43:55 AM, on 12/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum Suite\UIWatcher.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Ankur\Desktop\downloaded programs\hijackthis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum Suite\UIWatcher.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {0188E17F-B180-48A6-B199-055C219601B5} (DV_GistFontResourcesforWeb Control) - http://203.199.16.205/msd/IE/cab/DVData.CAB
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{73CC04E0-D25D-4932-9E99-8EC2BD8878A6}: NameServer = 172.168.200.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A4129D7-AB9E-4C2C-8E79-E190FB8C3137}: NameServer = 172.168.200.1
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
As for my PC its a little faster than it used to be. The weird files in the temp folder have not shown up for the past one hour.
And last but not the least a belated(not that late for u though:D: )
Merry Christmas!!!!!
pskelley
2006-12-25, 22:57
It appears you are formating the information you are posting and I am having a hard time scanning it. Did you check to see if word wrap is turned off in notepad? Are you formating the material in any other way?
The HJT log appears to be clean of malware, please make sure the recycle bin in empty. You can remove SDFix, we are done with it. ATF-Cleaner is yours to keep if you wish. If you are so inclined, I would a appreciate a look at the scan results from this Anti-Spyware scan:
http://forums.security-central.us/showthread.php?t=3165
To make sure nothing is lurking. If not, then let me wish you safe surfing and a Merry Christmas yourself.
System Restore does not know the good files from the bad. In case bad stuff has gotten into your System Restore files, follow the instructions in this link to get clean System Restore files. Turn it off, reboot then turn it back on:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?Open&src=sec_doc_nam
Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml
Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.
anujsaraf
2006-12-26, 19:54
I downloaded and installed the avg-antispyware. Here is the report of the full system scan.
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 1:55:20 PM 12/26/2006
+ Scan result:
F:\D drive\Complete.Anonymous.Web.Surfing.v3.0.retail\japsetup.exe -> Adware.Fastseeker : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{5F1ABCDB-A875-46c1-8345-B72A45670064} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-1708537768-1606980848-1957994488-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5F1ABCDB-A875-46C1-8345-B72A45670064} -> Adware.Generic : Cleaned.
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Cleaned.
F:\Program Files\Overnet Lite\Plugins\httpprotocol.dll -> Downloader.Small : Cleaned.
F:\My Documents\ankur1\downloaded programs\book collector 2.3\New Folder\collectorz.comallproductsgenericcrackcracktsrh.zip/crack.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned.
F:\My Documents\ankur1\minigames\inspector.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned.
F:\Program Files\eMule\Incoming\Reverse Engineering Tools Pack - CNC.rar/Cracking Tools\WinHEX v10.90 SR-3.rar/WinHEX v10.90 SR-3\wh_cr.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned.
:mozilla.113:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.121:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.123:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.124:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.125:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.126:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.127:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.128:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.129:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.130:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.131:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.132:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.133:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.134:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.135:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.136:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.137:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.138:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.139:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.140:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.141:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.142:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.143:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.144:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.145:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.146:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.147:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.148:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.149:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.150:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.151:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.152:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.153:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.155:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.156:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.157:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.158:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.159:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.160:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.161:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.162:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.163:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.164:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.165:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.166:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.167:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.168:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.169:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.170:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.187:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.207:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.345:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.489:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.621:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:C:\Documents and Settings\Sunil\Application Data\Mozilla\Firefox\Profiles\agueuxt5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.739:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.206:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.207:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.208:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.242:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.39:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.40:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.245:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.246:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.114:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.115:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.116:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.20:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.22:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.189:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.23:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.324:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.325:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.47:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.48:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.85:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.86:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.87:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.88:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.89:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.90:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.157:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.369:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.370:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.371:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.372:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.373:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.374:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.804:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.805:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.356:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.357:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.358:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.849:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.862:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.15:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.171:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.264:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.276:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.38:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.41:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.42:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.154:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.217:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.151:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.152:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
anujsaraf
2006-12-26, 20:03
the report is continued here.
:mozilla.153:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.172:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.206:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.494:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.147:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.148:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.149:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.858:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.859:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.860:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.29:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.193:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.194:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.195:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.196:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.197:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.198:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.199:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.200:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.201:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.202:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.203:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.714:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.727:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
F:\WINDOWS\Cookies\sunil@paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned.
:mozilla.175:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.176:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.177:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.178:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.179:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.24:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.25:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.26:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.27:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.741:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.172:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.173:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.174:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.58:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.744:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.410:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.411:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.412:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.413:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.321:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.768:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.769:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.770:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.771:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.772:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.366:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.367:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.893:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.894:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.895:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
F:\WINDOWS\Cookies\sunil@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.30:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.31:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.32:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.33:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.34:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.35:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.80:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.83:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.50:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.51:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.52:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.779:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.96:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.112:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.788:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.789:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.79:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.80:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.81:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.82:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.83:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.84:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.46:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.791:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
F:\WINDOWS\Cookies\sunil@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.139:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.180:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
F:\WINDOWS\Cookies\sunil@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.74:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.75:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.76:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.77:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.78:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.834:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.835:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.836:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
F:\WINDOWS\Cookies\sunil@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.107:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.108:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.109:C:\Documents and Settings\Ankur\Application Data\Mozilla\Firefox\Profiles\flagnir4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.91:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.92:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.93:F:\WINDOWS\Application Data\Mozilla\Profiles\default\sdrqjfjm.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
The temp folder and the recycler folder has free of any malware for the past 15 hours or so. Just hoping that the backdoor trojan is gone for good....
pskelley
2006-12-26, 20:24
Whoa...why are you storing all of those junk cookies?
http://www.mistywindow.com/security/firefox-cookie-control.htm
http://support.lexis-nexis.com/lawschool/record.asp?ArticleID=wg_delete_cookies#fire2
Since AVG Anti-Spyware found so much junk in normal mode, I strongly suggest you run it in safe mode:
http://www.bleepingcomputer.com/tutorials/tutorial61.html
Look to those links I posted to learn how to keep your computer clean and safe.
Safe surfing...thanks:eek:
Glad we could help, as the problem appears to be resolved this topic has been archived. :)
If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread; this applies only to the original topic starter.
Anyone else with similar problems please start a new topic.