Adware is hijacking IE7

G

Granville

New member
As requested, starting a new topic by copying over my initial enquiry.

Ok, I am a FireFox user but I still need IE occasionally.
So I updated to IE7.
Every time I try to use it (and sometimes when I don't - just working with FF) some form of Adware takes it over and kills the "Live" tab and replaces it with "Party Poker", "888 Casino" and the like.
I have run S&D several times and it always comes up blank.
But the malware is still there.
Any suggestions or similar occurrences?


And in response to Tashi's queries...

I run a Dell OEM XP Pro, with auto-updates set, so should be fully updated.
I only have the freebee S&D 1.3 but this appears to update it's signature files each time it is run.

I am currently updating to 1.4 and will re-run a scan when that is installed.

I will report back on any progress before you commit any time to this. Back soon...
 
Update

Don't know why I hadn't installed 1.4 before but it is on now.
It found a whole heap of stuff which 1.3 didn't recognise.
I have dumped all that lot, so will give it a day or so to see if things are fully resolved.
I will report back one way or the other, so this thread can be closed if all is well.
Thanks.
 
Change of direction

I did the update to 1.4, and it seems to have found and cleared a stack of nasties missed by 1.3.
However, now when I boot up S&D starts to cycle hundreds of query dialogs, which even when set to be quiet and background, flash up an endless stream of notification boxes, nearly all of which appear to be exactly the same.
The screen shots are two hours apart and show no sign of ever stopping.
Short of killing S&D, nothing seems to be able stop this.
I could stop Immunise and/or take off the Permanent IE blocker, but surely this is defeating the objective?
Any advice please?
 
More problems

IE is becoming unusable, which is an extra problem when trying to sort out why.

I have been following your instructions and have tried several times to run the Panda external checker.

Unfortunately, this won't run in FF, so have to use IE. It starts ok. Sets of scanning all HDs. Just a percent or two into the scan finds it's first nasty. It shows a "press here for details of this" button, which will open a new window. As that window opens, IE simply fades away (both windows) losing the details and the scan.

So, start again. Running to circa 6% and found 30 new items. Not picking the details window this time. Suddenly a pile of Casino popup pages appear and again - crash. All gone.

Last night, I closed everything down except the scan and left it running, hoping that by this morning it would have completed and had a list of targets.

When I came through, nothing there - all gone. No indication of when, so don't know if it completed, started to open the display and crashed or jut died in the traces.

Obviously, there is something there which S&D is missing but using IE is not working.

Can you suggest another with will work with FF please?
 
Read before you write...

Ok, last one on the list, Trend, works in FF, so am on with running a scan with that. Will post results when avaiable.
 
This is getting worse

Housecall set up and started running.
Estimated time 4.5hrs to scan.
45mins into it, had about half a dozen "finds".
Then suddenly, WIPEOUT.
No FireFox, no Trend, nothing.
Ended up having to reboot and am now setting this up all over again.

Is this indicative of some new Self-Protective Malware, which recognises when it is about to be eliminated and pulls the plug to avoid it?
 
and worse...

On the basis that my wife's computer is on the same house-lan as mine, thought it would be best to run the scan on her machine at the same time as mine to clear them both and avoid cross contamination.

Again after about half an hour FF came up with an error message and had to close. Sent the crash-file to MS and rebooted her system.

Will start another scan and see how that goes.
 
and even worse...

Crashed out my computer AGAIN.

There is something very odd or nasty here.

FireFox is normally so stable, nothing seems to shake it.
However, it is falling apart on two independent machines at the same time, doing the same job with the same software.

Is it likely to be the Trend Housecall, or the nasties it is locating?
 
I give up.

Had Trend running on both machines.

Both died within a couple of minutes of one another.

Tashi, if you need the results of this scan, I will try to provide it but while what ever is wrong is killing both IE and FF, there doesn't seem to be a solution.

Any other ideas or suggesions?

Just going to wait now till I hear from you.
 
IE7 hijack HJT file - No Panda, see previous posts

Logfile of HijackThis v1.99.1
Scan saved at 11:16:43, on 13-02-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Browster\proxy\wrapper.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
C:\PROGRA~1\Browster\proxy\jre\bin\java.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\wanmpsvc.exe
c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\WINDOWS\BCMSMMSG.exe
D:\PROGRA~1\Nero\NEROTO~1\DRIVES~1.EXE
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Hello\Hello.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Video Server S\Video Server S.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopMail.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\MailWasher\MailWasher.exe
C:\Program Files\Graphisoft\ArchiCAD 10\ArchiCAD.exe
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/uk/enu/gen/default.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.orange.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/uk/enu/gen/default.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8448
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,DLPSP.EXE
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: eBay Helper Object - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Messenger\ycomp5_1_6_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1FEA39D6-46B3-4F66-BC38-4839CFE198EA} - (no file)
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - (no file)
O4 - HKLM\..\Run: [ZIVGXcov] C:\PROGRA~1\soxtvutv\cYADGAQN.exe
O4 - HKLM\..\Run: [YAVHT1Ex] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [RwpGWAUx] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [eIpGS1Uw] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [egVHToEx] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [eA0GS5ow] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Nero DriveSpeed] D:\PROGRA~1\Nero\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [DLPSP] "c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x
O4 - HKLM\..\Run: [PicasaNet] "C:\Program Files\Hello\Hello.exe" -b
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SignGramDeadMess] C:\Documents and Settings\All Users\Application Data\HeartUserSignGram\TransLong.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [nygzyjli] C:\WINDOWS\System32\hdkpuiam.exe
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKLM\..\Run: [beuvoiirdiuy] C:\WINDOWS\System32\nejufl.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [EPSON Plotter] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\System32\E_S71.tmp"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS Updater\DynDNS.exe"
O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - Startup: Shortcut to Video Server S.lnk = C:\Program Files\Video Server S\Video Server S.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk/
O15 - Trusted Zone: *.excite.com
O15 - Trusted Zone: www.ofoto.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3.0.228.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-9.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://polyblog.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/02e29a4318b73eea9d06/netzip/RdxIE601.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatrol.com/pestscan/pestscan.cab
O16 - DPF: {5938FEB1-3609-11D4-85CD-00902707DAE7} (MapCtl Class) - https://www.promapserver.co.uk/controls/latest/webmap.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://www.techsmith.com/codec/tsccinst.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://194.200.57.26//cgi-bin/AxisCamControl.ocx
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc3.webresponse.one.microsoft.com/media/xp/TLIEFlash.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.bootsdigitalphotocentre.com/wpp/boots/opcuploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {F2A84794-EE6D-447B-8C21-3BA1DC77C5B4} (SDKInstall Class) - http://activex.microsoft.com/activex/controls/sdkupdate/sdkinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: Browster Proxy (BrwstrPF) - Unknown owner - C:\PROGRA~1\Browster\proxy\wrapper.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
 
Welcome to the forum, please listen up, you have a bunch of nasty junk on this computer and if they are on the same LAN chances are they are both infected. I suggest you pull the plugs until we get this one clean, it going to be tricky keeping one from reinfecting the other. Is there a way you can separate them so they are not networked together?

I am also not looking back at all of that stuff you posted so I might ask questions you have already answered, bear with me that information will just confuse me at this point.
Please concentrate on this computer, once it is clean we will close this topic and you may start a new topic for the other computer.

I see this: C:\Program Files\Java\j2re1.4.2_03\ and this: C:\Program Files\Java\jre1.5.0_10\ see this information:
http://forums.spybot.info/showpost.php?p=12880&postcount=2 that out of date version may be what caused the infection. Uninstall all but the newest in Add Remove Programs.

Some of this junk I do not even recognize, so I am guessing a little, but we will start like this, make sure you do this in the numbered ordered.

1) This is at least a Adware.BlazeFind infection, Symantec has a tool so run it first here:
http://sarc.com/avcenter/venc/data/pf/adware.blazefind.html
http://securityresponse.symantec.com/avcenter/FxBlzFnd.exe

2) How to make files and folders visible:
Click Start > Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm. Click OK.
You may reverse this for safety when we are finished.

3) Please download ATF Cleaner by Atribune
http://www.atribune.org/content/view/25/2/
Save it to your Desktop. We will use this later.

4) We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.
Open Windows Defender, Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.
After all of the fixes are complete it is very important that you enable Real-time Protection again.

5) Start > Control Panel > Add Remove Programs and uninstall WindowsSA, uninstall any program you know does not belong there.

6) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: eBay Helper Object - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - (no file)
O2 - BHO: (no name) - {1FEA39D6-46B3-4F66-BC38-4839CFE198EA} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O3 - Toolbar: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - (no file)
O4 - HKLM\..\Run: [ZIVGXcov] C:\PROGRA~1\soxtvutv\cYADGAQN.exe
O4 - HKLM\..\Run: [YAVHT1Ex] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [RwpGWAUx] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [eIpGS1Uw] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [egVHToEx] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [eA0GS5ow] C:\PROGRA~1\swvtwtur\pwqxvrsv.exe
O4 - HKLM\..\Run: [nygzyjli] C:\WINDOWS\System32\hdkpuiam.exe
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKLM\..\Run: [beuvoiirdiuy] C:\WINDOWS\System32\nejufl.exe
(if you really trust those next two, you can leave them)
O15 - Trusted Zone: *.excite.com
O15 - Trusted Zone: www.ofoto.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/02e29a43...p/RdxIE601.cab

Close all programs but HJT and all browser windows, then click on "Fix Checked"

7) RIGHT Click on Start then click on Explore. Locate and delete these items:

C:\PROGRAM FILES~1\soxtvutv\ <<< delete that folder

C:\PROGRAM FILES~1\swvtwtur\ <<< delete that folder

C:\Program Files\WindowsSA\ <<< delete that folder

C:\WINDOWS\System32\hdkpuiam.exe <<< delete that file

C:\WINDOWS\System32\nejufl.exe <<< delete that file

8) Follow the directions in this link, make sure you delete or at least quarantine anything the program locates and save that scan report.
http://forums.security-central.us/showthread.php?t=3165

9) Run ATF Cleaner
Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.

Restart the computer and post the AVG Anti-Spyware scan results, a new HJT log and any comments you think will help.

Thanks
 
After scan and clearance results

Sorry it took so long to get back to you, the first scan took over six hours but ended up with no results. The others did find some stuff, which I deleted and the updated text files follow. (Looks like it will be in three chunks)

Logfile of HijackThis v1.99.1
Scan saved at 22:29:20, on 13-02-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Browster\proxy\wrapper.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\PROGRA~1\Browster\proxy\jre\bin\java.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\wanmpsvc.exe
c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\WINDOWS\BCMSMMSG.exe
D:\PROGRA~1\Nero\NEROTO~1\DRIVES~1.EXE
C:\Program Files\dvd43\dvd43_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Hello\Hello.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Video Server S\Video Server S.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopMail.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/uk/enu/gen/default.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.orange.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/uk/enu/gen/default.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8448
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,DLPSP.EXE
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Nero DriveSpeed] D:\PROGRA~1\Nero\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [DLPSP] "c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x
O4 - HKLM\..\Run: [PicasaNet] "C:\Program Files\Hello\Hello.exe" -b
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SignGramDeadMess] C:\Documents and Settings\All Users\Application Data\HeartUserSignGram\TransLong.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [EPSON Plotter] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\System32\E_S71.tmp"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DynDNS Updater] "C:\Program Files\DynDNS Updater\DynDNS.exe"
O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Startup: Shortcut to Video Server S.lnk = C:\Program Files\Video Server S\Video Server S.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3.0.228.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-9.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://polyblog.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatrol.com/pestscan/pestscan.cab
O16 - DPF: {5938FEB1-3609-11D4-85CD-00902707DAE7} (MapCtl Class) - https://www.promapserver.co.uk/controls/latest/webmap.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://www.techsmith.com/codec/tsccinst.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://194.200.57.26//cgi-bin/AxisCamControl.ocx
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc3.webresponse.one.microsoft.com/media/xp/TLIEFlash.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.bootsdigitalphotocentre.com/wpp/boots/opcuploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {F2A84794-EE6D-447B-8C21-3BA1DC77C5B4} (SDKInstall Class) - http://activex.microsoft.com/activex/controls/sdkupdate/sdkinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
 
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Browster Proxy (BrwstrPF) - Unknown owner - C:\PROGRA~1\Browster\proxy\wrapper.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

-------------------------------------------------

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 22:03:05 13-02-07

+ Scan result:



HKU\S-1-5-21-3792747927-3728794093-2820869814-1010\Software\Microsoft\Internet Explorer\MenuExt\Add A Page Note -> Adware.CommonName : Cleaned.
HKU\S-1-5-21-3792747927-3728794093-2820869814-1010\Software\Microsoft\Internet Explorer\MenuExt\Bookmark This Page -> Adware.CommonName : Cleaned.
HKU\S-1-5-21-3792747927-3728794093-2820869814-1010\Software\Microsoft\Internet Explorer\MenuExt\Email This Link -> Adware.CommonName : Cleaned.
HKU\S-1-5-21-3792747927-3728794093-2820869814-1010\Software\Microsoft\Internet Explorer\MenuExt\Search using CommonName -> Adware.CommonName : Cleaned.
C:\Documents and Settings\All Users\Application Data\HeartUserSignGram\TransLong.exe -> Adware.Lop : Cleaned.
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1217\A0144836.dll -> Adware.Yahoo : Cleaned.
C:\Utilities\Downloads\Microsoft\MSN\MsgPlus-220.exe/70000011.exe -> Downloader.Swizzor.g : Cleaned.
C:\Utilities\Downloads\Microsoft\MSN\MsgPlus-221.exe/70000011.exe -> Downloader.Swizzor.g : Cleaned.
C:\Program Files\Adobe\Photoshop CS\test.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned.
C:\Utilities\Downloads\Rips\Photoshop CS Fix.zip/CS Fix/test.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned.
:mozilla.494:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.546:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:C:\Documents and Settings\Granville\Application Data\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.6:C:\Documents and Settings\Granville\Application Data\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.6:C:\Documents and Settings\Granville\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.7:C:\Documents and Settings\Granville\Application Data\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.7:C:\Documents and Settings\Granville\Application Data\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.7:C:\Documents and Settings\Granville\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.11:C:\Documents and Settings\Granville\Application Data\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.11:C:\Documents and Settings\Granville\Application Data\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.11:C:\Documents and Settings\Granville\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.12:C:\Documents and Settings\Granville\Application Data\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.12:C:\Documents and Settings\Granville\Application Data\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.12:C:\Documents and Settings\Granville\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Adviva : Cleaned.
:mozilla.498:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.499:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.8:C:\Documents and Settings\Granville\Application Data\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.8:C:\Documents and Settings\Granville\Application Data\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.8:C:\Documents and Settings\Granville\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.9:C:\Documents and Settings\Granville\Application Data\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.9:C:\Documents and Settings\Granville\Application Data\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.9:C:\Documents and Settings\Granville\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.661:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.174:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.175:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.177:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.178:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.179:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.189:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.13:C:\Documents and Settings\Granville\Application Data\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.13:C:\Documents and Settings\Granville\Application Data\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.13:C:\Documents and Settings\Granville\MozillaControl\profiles\MozillaControl\wquas19e.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.367:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.488:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.352:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.446:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.625:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.688:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.689:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.690:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.691:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.721:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.775:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.842:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.880:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.909:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
 
:mozilla.568:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Etracker : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@www.etracker[2].txt -> TrackingCookie.Etracker : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.287:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.319:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.327:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.336:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.338:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.443:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.601:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.652:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.658:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.670:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.697:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.701:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.712:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.714:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.722:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.739:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.789:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.809:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.823:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.824:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.233:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.234:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.235:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.236:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.237:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.518:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.519:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.520:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.521:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.522:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.571:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.599:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.600:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.615:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.653:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.706:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.748:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.749:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.751:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.773:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.860:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.862:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.733:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.899:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.290:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.291:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.292:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.326:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.753:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.754:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.756:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.814:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.815:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
 
:mozilla.915:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.916:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.492:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.493:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.559:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.560:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.561:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.650:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.500:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.501:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Granville\Cookies\granville@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.776:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.798:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.799:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.843:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.100:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.101:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.102:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.103:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.104:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.105:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.106:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.107:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.108:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.109:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.110:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.111:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.112:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.113:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.114:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.58:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.59:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.67:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.68:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.69:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.70:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.71:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.72:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.73:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.74:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.75:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.76:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.77:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.78:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.79:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.80:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.81:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.82:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.83:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.84:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.85:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.86:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.87:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.88:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.89:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.90:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.91:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.92:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.93:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.94:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.95:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.96:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.97:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.98:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.99:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.893:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.894:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.895:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.896:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.897:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.669:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.284:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.707:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.708:C:\Documents and Settings\Granville\Application Data\Mozilla\Firefox\Profiles\gsdqaxdp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\B9AC4BC8-7ABB-4893-B42D-F1A16A\3A7A9119-AFEF-45D8-A9D1-CDBEDF -> Trojan.CommonName.b : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\B9AC4BC8-7ABB-4893-B42D-F1A16A\9EE13603-D6DD-4D1C-9E88-0D4149 -> Trojan.CommonName.b : Cleaned.
C:\Program Files\Microsoft AntiSpyware\Quarantine\B9AC4BC8-7ABB-4893-B42D-F1A16A\EC36DEC4-42FF-4C90-9115-EA9364 -> Trojan.CommonName.b : Cleaned.


::Report end

-------------------------
Oh well, ended up as four parts.
Thanks for what you have done so far, hope this lot means something to you!

Off now to reset my AV and file settings.
 
I just want to say I am trying to get rid of the malware, but you sure have a lot of stuff running on this comuter. I am personally surprised it starts up and even runs at all.
A lot of the stuff I have never seen before, and will have to ask you to tell me if it's valid or not. You do have a LOP/C2 Media infection that is usually caused because messengerplus is downloaded with sponsor programs.

I believe this one is safe, but my scanner is saying no, please let me know if this is a valid item:
C:\PROGRA~1\Browster\proxy\jre\bin\java.exe if you need to check any of this stuff, use one or more of these free onlines scans:
http://virusscan.jotti.org/
http://www.kaspersky.com/scanforvirus
http://www.virustotal.com/flash/index_en.html

Before I post the Lop information I am just wondering what you intend to accomplish. I can get rid of the malware, but I doubt this computer is every going to perform unless you control the stuff you have running:
http://netsquirrel.com/msconfig/
http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html

From the looks of the AVG Anti-Spyware scan report, it appears no one knows how to delete cookies? If you need me to post instructions, let me know.

Since The AVG Anti-Spyware Scan removed so much junk in normal mode, I strongly suggest you boot the computer into safe mode:
http://www.bleepingcomputer.com/tutorials/tutorial61.html
and see what the program can remove when nothing is running.


Here is the LOP item, let's remove it:
O4 - HKLM\..\Run: [SignGramDeadMess] C:\Documents and Settings\All Users\Application Data\HeartUserSignGram\TransLong.exe
Some information: http://inetexplorer.mvps.org/data/lop.htm
http://www.superadblocker.com/P/PROGRAM BOOK.EXE-3755.html

Please download NoLop to the Desktop from one of those sites:
http://www.spywareedge.net/nolop/NoLop.exe
http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item16

Close any programs you have running since a reboot is required
Double click NoLop.exe to run it
Next, click the button labeled: Search and Destroy
<<your computer will now be scanned for infected files>>
When the scan finishes, if infected, you are prompted to reboot
Click OK

Now click: REBOOT
A Message should popup from NoLop. If not, double click the program again and it will finish.
Please Post the contents of C:\NoLop.log along with a new HijackThis log

Let me have some comments from you.

Thanks...Phil
 
Initial response

Phil,
Thanks again for your time and efforts on my behalf.

Yea, the comp is busy. I am a one-man-band Architectural Practice and my pc gets used for everything, both business and pleasure. There are a lot of specialist programs as well as an abundance of "goodies" which I find indispensable (like Browster)

I am probably not going to have chance till tomw to run your suggestions as I will be out of the office. However, will work my way through the list as soon as.
Granville
 
You must log in or register to reply here.
Back
Top