Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 20 of 69 Posts

·
Registered
Joined
·
121 Posts
Discussion Starter · #1 ·
Hello,

Recently tried to use the "cmd" command to pull up ms-dos window to run "ipconfig". I received the following message: C:\\WINDOWS\system32\cmd.com
The NTVDM CPU has encountered an illegal instruction.
CS:0156 IP:04df OP:0f a7 00 22 00 Choose 'Close' to
terminate the application.

Any ideas? If I have displayed info that may jeapordize security, please let me know so I can delete the post.
 

·
Registered
Joined
·
121 Posts
Discussion Starter · #4 ·
Copied and pasted from notepad....

Logfile of HijackThis v1.99.1
Scan saved at 4:31:53 PM, on 1/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2K0.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
 

·
Registered
Joined
·
7,826 Posts
The problem you have can be due to an infection. Since I don't have a shield next to my name (appropriately of course :D ) I won't advise you on your log other than to say that I don't see any antiviral programs running. Is that the case?
 

·
Registered
Joined
·
121 Posts
Discussion Starter · #7 ·
OK, downloaded trial security (AVG) and spyware detector (Stopzilla). Had 3 worms detected and healed w/ AVG. Ran a scan on the file that seems to generate the error. Rebooted. Still having the same problem. Any other suggestions?

Here is another log file from Hijack:

Logfile of HijackThis v1.99.1
Scan saved at 11:31:20 PM, on 1/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
c:\progra~1\mozill~1\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ZILLAbar BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\ZB2.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2K0.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\ZB2.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
 

·
Administrator
Joined
·
124,122 Posts
Go here to download AlcanShorty_en.exe and save it to your desktop.
  • Double click the alcanShorty.exe file and follow prompts.
  • It will make a folder on desktop called Alcan Shorty
  • Open the Alcan Shorty folder & double click the run.bat file to run it.
  • This will download a file called BFU.exe and a BFU script.
  • If your firewall asks for permission to connect to the Internet you must allow it.
  • A message box will pop up saying "complete".
  • Be patient and wait for the message box to appear as it may take some time.
  • Press OK then BFU.exe will open.
  • Select the option to "Show log after script ends"
  • Execute the script by clicking the Execute button.
  • Note that you should see a progress bar while the script is being executed.
  • When the script has finished press "copy" and that will make a copy of the report in your clipboard.
  • Paste the log into Notepad and save it to your desktop in case it's needed later.
Note: If you have any questions about the use of BFU please read here.

Download AVG Anti-Spyware from HERE and save that file to your desktop. Note that this is not the same program and the AVG Anti-virus you just downloaded.

When the trial period expires it becomes feature-limited freeware but is still worth keeping as a good on-demand scanner.

  1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double click it to launch the set up program.
  2. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
  3. On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button. The update will start and a progress bar will show the updates being installed.
  4. Once the update has completed, select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  5. Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  6. Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware. Do Not run a scan just yet, we will run it in safe mode.
  1. Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.

    IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning as it may interfere with the scanning process:
  2. Launch AVG Anti-Spyware by double clicking the icon on your desktop.
  3. Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  4. AVG will now begin the scanning process. Please be patient as this may take a little time.
    Once the scan is complete, do the following:
  5. If you have any infections you will be prompted. Then select "Apply all actions."
  6. Next select the "Reports" icon at the top.
  7. Select the "Save report as" button in the lower lef- hand of the screen and save it to a text file on your system (make sure to remember where you saved that file. This is important).
  8. Close AVG Anti-Spyware and reboot your system back into Normal Mode.

Please go HERE to run Panda's ActiveScan
  • You need to use IE to run this scan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report

Come back here and post a new HijackThis log along with the logs from the AVG and Panda scans.
 

·
Registered
Joined
·
121 Posts
Discussion Starter · #9 ·
let me preface by saying that the error message I was receiving when I first posted is cleared up after running the first program. Here are the results...

hijack log
Logfile of HijackThis v1.99.1
Scan saved at 11:40:06 AM, on 1/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ZILLAbar BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\ZB2.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2K0.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\ZB2.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
 

·
Registered
Joined
·
121 Posts
Discussion Starter · #10 ·
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:57:26 AM 1/28/2007

+ Scan result:

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP115\A0016334.exe -> Adware.180Solutions : Cleaned.
C:\Program Files\Hotbar -> Adware.HotBar : Cleaned.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP115\A0016323.exe -> Adware.HotBar : Cleaned.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP115\A0016328.exe -> Adware.HotBar : Cleaned.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP115\A0016329.dll -> Adware.HotBar : Cleaned.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP115\A0016333.dll -> Adware.Hotbar : Cleaned.
:mozilla.61:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.62:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.63:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.23:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.36:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.37:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.38:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.41:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.42:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.432:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.434:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.510:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.617:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.792:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.862:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.503:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.504:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.785:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.787:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.788:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.299:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.300:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.306:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.308:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.309:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.310:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][3].txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.100:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.101:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.102:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.104:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.105:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.15:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.16:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.17:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.18:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.26:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.28:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.138:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.220:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.221:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.222:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.223:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.231:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.228:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.27:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.29:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.30:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.260:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.261:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.262:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.263:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.264:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.265:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.266:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.267:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.710:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.190:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Commission-junction : Cleaned.
:mozilla.219:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.12:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.28:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.406:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.795:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.153:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.331:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.333:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.334:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.335:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.336:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.351:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.357:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.358:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.573:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.620:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.790:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.791:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.863:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.459:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.460:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.461:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.462:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.224:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.225:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.226:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.227:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.111:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.112:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.113:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.114:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.115:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.116:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.118:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.119:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.120:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.121:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.94:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
 

·
Registered
Joined
·
121 Posts
Discussion Starter · #11 ·
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.189:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.639:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.776:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.855:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.161:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.162:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.163:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.164:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.170:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.171:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.567:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.568:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.569:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.726:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.727:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.728:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.756:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.757:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.551:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Information : Cleaned.
:mozilla.343:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.344:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.345:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.528:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.529:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.703:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.704:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.739:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.740:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.777:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.778:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.133:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.134:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.708:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.709:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.29:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.30:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.31:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.32:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.352:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.353:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.354:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.355:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.823:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.76:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.89:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.90:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.455:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.456:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.457:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.458:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.390:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.522:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.523:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.301:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.302:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.303:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.304:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.305:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.307:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.544:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.545:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.546:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.547:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.548:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.549:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.78:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.79:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.80:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.83:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.84:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.85:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.86:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.92:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.93:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.367:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.368:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.369:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.370:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.371:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.372:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.373:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.374:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.375:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.298:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.502:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.81:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.82:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.87:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.88:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.91:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.647:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.422:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.423:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.424:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.425:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.426:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.427:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.428:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.429:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.281:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.186:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.241:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.242:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.243:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.244:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.245:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.246:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.247:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.117:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.122:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.38:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.95:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][3].txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.550:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.560:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.235:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.236:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.237:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.238:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.239:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.240:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.37:C:\Documents and Settings\Warren Scott Wells\Application Data\Netscape\NSB\Profiles\ekpo5klc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.178:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.179:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.180:C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP116\A0016344.exe -> Trojan.Holax.E : Cleaned.
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP116\A0016341.exe -> Worm.VB.an : Cleaned.

::Report end
 

·
Registered
Joined
·
121 Posts
Discussion Starter · #12 ·
Incident Status Location

Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[.go.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[.apmebf.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[landing.domainsponsor.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[.atwola.com/]
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[.mp3search.ru/]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[hc2.humanclick.com/]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[hc2.humanclick.com/hc/12339856]
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Warren Scott Wells\Application Data\Mozilla\Firefox\Profiles\4sthdm2j.default\cookies.txt[.target.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][2].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Warren Scott Wells\Cookies\warren scott [email protected][1].txt

It seems like this is an awful lot of information. My appologies if I have done something wrong and posted too much info
 

·
Administrator
Joined
·
124,122 Posts
Other than an outdated version of Java, your HijackThis log looks good.

Go to Add/Remove programs and uninstall all previous versions.

Now go here and install the latest version of Java.

You should clear all cookies in all browser (I see Netscape, Firefox and IE).

There are some nasties in system restore but we will flush the restore points to remove those now.

Now you should turn system restore off to flush out all previous system restore points, then turn it back on and create a new restore point:

To turn off system restore, on the Desktop, right click on My Computer and click on Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply and then click OK.

Restart your computer, turn System Restore back on and create a restore point.

To create a new restore point, click on Start – All Programs – Accessories – System Tools and then select System Restore.

In the System Restore wizard, select Create a restore point and click the Next button.

Type a name for your new restore point then click on Create.

I also recommend downloading SPYWAREBLASTER for added protection.

Read here for info on how to tighten your security.

Delete your temporary files:

In safe mode navigate to the C:\Windows\Temp folder. Open the Temp folder and go to Edit - Select All then Edit - Delete to delete the entire contents of the Temp folder.

Go to Start - Run and type %temp% in the Run box. The Temp folder will open. Click Edit - Select All then hit Delete to delete the entire contents of the Temp folder.

Finally go to Control Panel - Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files". Put a check by "Delete Offline Content" and click OK (this option does not exist in IE7). Click Apply then OK.

Empty the recycle bin.
 

·
Administrator
Joined
·
124,122 Posts
System restore has probably been damaged by malware so let's reinstall it.

Go to Start - Run and type %Windir%\INF then press enter.

In Windows Explorer go to Tools - Folder Options - View Tab and uncheck “Hide extensions for known file types”.

Find the sr.inf file, right click on it and select Install.
 

·
Registered
Joined
·
121 Posts
Discussion Starter · #18 ·
c:\
c:\i386\IIs6.cab
c:\WONDOWS\Driver Cache
c:\i386\CMPNENTS\MEDIACTR
C:\i386\CMPNENTS\NETFX
c:\Program Files\Macromedia\FlashPaper 2
c:\Program Files Java\jre1.6.0\jib
c:\windows\system32\ReinstallBackups\0000\DriverFiles
c:\windows\system32\ReinstallBackups\0002\DriverFiles
c:\windows\system32\ReinstallBackups\0003\DriverFiles
c:\windows\system32\ReinstallBackups\0004\DriverFiles
c:\windows\system32\ReinstallBackups\0005\DriverFiles
c:\windows\system32\ReinstallBackups\0006\DriverFiles
c:\windows\system32\ReinstallBackups\0007\DriverFiles
c:\windows\system32\ReinstallBackups\0008\DriverFiles
c:\windows\system32\ReinstallBackups\0009\DriverFiles
c:\windows\system32\ReinstallBackups\0010\DriverFiles
c:\windows\system32\ReinstallBackups\0011\DriverFiles
c:\windows\system32\ReinstallBackups\0012\DriverFiles
lib
 
1 - 20 of 69 Posts
Status
Not open for further replies.
Top