Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - amp

Pages: [1]

Tech Clinic / spy sherrif

« on: March 24, 2006, 10:01:29 PM »

Question: Why can't I click on links from my e-mails anymore? I used to be able to before all of this spy sheriff stuff. Also, when i open up my laptop to get to the internet, the sandbar is on for a long time, thanks!

Logfile of HijackThis v1.99.1
Scan saved at 8:30:06 PM, on 3/24/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Documents and Settings\Michelle\Desktop\hijackthis.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Documents and Settings\Michelle\Desktop\hijackthis.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Documents and Settings\Michelle\Desktop\hijackthis.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\svchost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.dellnet.com/
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Tech Clinic / spy sherrif

« on: March 17, 2006, 10:49:01 PM »

Questolo: had to do the rootkitrevealer scan twice; the 1st time it seemed to get stuck while performing the scan. Also, I had a diffucult time saving my scan results to my desktop; when it asked where I wanted to save it to, it kept automatically defaulting to a folder called "system 32" which seems to always come up with all of the different scans. what is this system 32? ( i had to save it in my documents) here are the results:

C:\Documents and Settings\Michelle\Local Settings\Temp\_td1F.tmp 3/15/2006 11:06 PM 0 bytes Hidden from Windows API.

Logfile of HijackThis v1.99.1
Scan saved at 9:35:10 PM, on 3/17/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Michelle\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.dellnet.com/
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Tech Clinic / spy sherrif

« on: March 10, 2006, 09:46:16 PM »

Questolo, hi...sorry so late; my laptop has been really slow and everytime I open it the hourglass stays on for a very long time and I'm unable to do anything at all at that time. Also, before I forget, I wanted to let you know that a few weeks ago, in the midst of all these problems, my roadrunner e-mail address sent out e-mails to EVERYONE in my known contacts list, most likely infected e-mails; i got a bunch returned to me, and they all said something about ebay. Anyway, here are the results of my scans, thanks:

Logfile of HijackThis v1.99.1
Scan saved at 8:29:21 PM, on 3/10/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Michelle\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.dellnet.com/
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         7:01:21 PM, 3/10/2006
+ Report-Checksum:      DC4E4BD3

+ Scan result:

   HKU\S-1-5-21-3962561463-2826087509-1140141477-1007\Software\Microsoft\Internet Explorer\Explorer Bars\{159C2E51-9823-11D2-8DDC-D84A1B4ACD4D} -> Adware.Generic : Cleaned with backup
   C:\avenger\backup.zip/avenger/PerfectNavUninstall.exe -> Downloader.Keenval.e : Cleaned with backup
   C:\avenger\backup.zip/avenger/surv3.exe -> Downloader.VB.vv : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.118:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
   :mozilla.119:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
   :mozilla.120:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
   :mozilla.210:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.211:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.268:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.269:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.270:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.271:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.272:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.273:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.274:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.573:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   C:\Documents and Settings\Michelle\Desktop\backups\backup-20060205-225954-256.dll -> Adware.PurityScan : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temporary Internet Files\Content.IE5\698RM5YX\!update-3395[1].0000 -> Downloader.PurityScan.bs : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106636.exe -> Downloader.VB.dm : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107816.dll -> Adware.PurityScan : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP123\A0117169.dll -> Trojan.Agent.eu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP126\A0118396.exe -> Downloader.Keenval.e : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP126\A0118401.exe -> Downloader.VB.vv : Cleaned with backup

::Report End

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\lcyyjeub

*******************

Script file located at: \??\C:\Documents and Settings\hswewmka.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\go_1.exe deleted successfully.
File C:\Program Files\Kazaa\PerfectNavUninstall.exe deleted successfully.
File C:\WINDOWS\alchem.ini deleted successfully.
File C:\WINDOWS\blocklist.reg deleted successfully.
File C:\WINDOWS\Digital Signature 20040926.htm deleted successfully.
File C:\WINDOWS\GatorUninstaller_cme.log deleted successfully.
File C:\WINDOWS\PreProcess.data deleted successfully.
File C:\WINDOWS\smdat32a.sys deleted successfully.
File C:\WINDOWS\surv3.exe deleted successfully.
File C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.bho deleted successfully.
File C:\WINDOWS\SYSTEM32\ide21201.vxd deleted successfully.
File C:\WINDOWS\SYSTEM32\kernels64.exe deleted successfully.
File C:\WINDOWS\SYSTEM32\O deleted successfully.
File C:\WINDOWS\SYSTEM32\O.BAT deleted successfully.
File C:\WINDOWS\SYSTEM32\shell386.exe deleted successfully.
File C:\WINDOWS\SYSTEM32\web.exe deleted successfully.
File C:\WINDOWS\SYSTEM32\wtssvtr.exe deleted successfully.
Folder C:\Program Files\rdso deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Tech Clinic / spy sherrif

« on: February 26, 2006, 10:35:13 PM »

sorry this took so long; my pc has been running slow; here is what you asked for:

Incident Status Location

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt[]
Adware:adware/tvmedia Not disinfected C:\Documents and Settings\Michelle\Application Data\tvmcwrd.dll
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Michelle\Cookies\michelle@2o7[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Michelle\Cookies\[email protected][2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Michelle\Cookies\michelle@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Michelle\Cookies\michelle@atdmt[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Michelle\Cookies\michelle@doubleclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Michelle\Cookies\michelle@hitbox[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Michelle\Cookies\michelle@realmedia[2].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Michelle\Cookies\michelle@revenue[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Michelle\Cookies\[email protected][1].txt
Adware:Adware/PurityScan Not disinfected C:\Documents and Settings\Michelle\Desktop\backups\backup-20060205-225954-256.dll
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Michelle\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Michelle\Desktop\smitRem.exe[Process.exe]
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt[]
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Tony\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-71e7725f.zip[GetAccess.class]
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Tony\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-71e7725f.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Tony\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-71e7725f.zip[Dummy.class]
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Tony\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-71e7725f.zip[Installer.class]
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Tony\Cookies\tony@target[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Tony\Cookies\tony@winfixer[1].txt
Adware:Adware/PurityScan Not disinfected C:\Documents and Settings\Tony\Local Settings\Temporary Internet Files\Content.IE5\698RM5YX\!update-3395[1].0000
Virus:Trj/Downloader.VC Not disinfected C:\go_1.exe
Adware:Adware/KeenValue Not disinfected C:\Program Files\Kazaa\PerfectNavUninstall.exe
Adware:Adware/PurityScan Not disinfected C:\Program Files\rdso\eetu.exe
Adware:adware/clickalchemy Not disinfected C:\WINDOWS\alchem.ini
Adware:Adware/EliteBar Not disinfected C:\WINDOWS\blocklist.reg
Adware:adware/downloadware Not disinfected C:\WINDOWS\Digital Signature 20040926.htm
Adware:adware/gator Not disinfected C:\WINDOWS\GatorUninstaller_cme.log
Adware:adware/powerstrip Not disinfected C:\WINDOWS\PreProcess.data
Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
Spyware:Spyware/Media-motor Not disinfected C:\WINDOWS\surv3.exe
Adware:adware/keenvalue Not disinfected C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts.bho
Adware:adware/wupd Not disinfected C:\WINDOWS\SYSTEM32\ide21201.vxd
Adware:adware/adsmart Not disinfected C:\WINDOWS\SYSTEM32\kernels64.exe
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\SYSTEM32\l?gonui.exe
Adware:Adware/StatBlaster Not disinfected C:\WINDOWS\SYSTEM32\O
Adware:Adware/StatBlaster Not disinfected C:\WINDOWS\SYSTEM32\O.BAT
Adware:adware/cashdeluxe Not disinfected C:\WINDOWS\SYSTEM32\shell386.exe
Adware:adware/craft Not disinfected C:\WINDOWS\SYSTEM32\web.exe
Adware:adware/purityscan Not disinfected C:\WINDOWS\SYSTEM32\wtssvtr.exe
Logfile of HijackThis v1.99.1
Scan saved at 9:33:28 PM, on 2/26/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Michelle\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.dellnet.com/
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Tech Clinic / spy sherrif

« on: February 08, 2006, 11:25:09 PM »

sorry, here is the end of the first ewido report:
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104330.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104331.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104332.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104333.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104334.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104335.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104336.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104337.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104338.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104339.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104340.dll -> Spyware.Esyndic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104342.exe -> Adware.eZula : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104343.exe -> Adware.eZula : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104344.exe -> Adware.eZula : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104345.exe -> Adware.eZula : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104346.dll -> Adware.eZula : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104347.dll -> Adware.eZula : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104348.dll -> Adware.eZula : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104351.exe -> Spyware.AdSrve.b : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104352.exe/systb.dll -> Spyware.ImiBar : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104353.dll -> Spyware.ImiBar : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104354.dll -> Downloader.Dyfuca.dt : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104355.dll -> Downloader.Keenval.e : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104356.exe -> Downloader.Keenval.e : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104357.exe -> Downloader.Keenval.e : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104359.dll -> Downloader.Rameh.c : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104360.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104361.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104362.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104363.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104364.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104365.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104366.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104367.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104368.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104369.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104370.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104371.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104372.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104373.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104374.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104375.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104376.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104377.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104378.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104379.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104380.exe -> Downloader.VB.em : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104381.exe -> Spyware.PowerScan : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104382.ocx -> Spyware.MediaMotor : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104383.dll -> Trojan.Septic.a : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104385.exe -> Downloader.Small.abd : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104389.EXE -> Downloader.Small.wk : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104392.exe -> Spyware.BiSpy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104393.exe -> Spyware.BiSpy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104394.dll -> Spyware.BiSpy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104395.dll -> Spyware.VirtualBouncer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104399.dll -> Spyware.WebHancer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104400.exe/WhAgent.exe -> Spyware.WebHancer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104401.exe -> Spyware.WebHancer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104405.dll -> Adware.MidADle : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104406.dll -> Adware.MidADle : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104407.exe -> Spyware.WinFetcher.b : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104428.exe -> Trojan.ExHosts : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104431.dll -> Spyware.VirtualBouncer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104432.dll -> Spyware.VirtualBouncer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104433.dll -> Spyware.VirtualBouncer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104434.dll -> Spyware.VirtualBouncer : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104437.exe -> Downloader.Agent.ae : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104438.exe -> Spyware.BiSpy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104439.exe -> Downloader.Agent.ae : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104441.exe -> Downloader.Apropo.h : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104442.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104443.exe -> Downloader.Apropo.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104445.exe -> Spyware.PurityScan : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104446.exe -> Downloader.Small.oe : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104447.exe -> Downloader.Small.oe : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104448.exe -> Downloader.Small.oe : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104449.exe -> Downloader.Small.Iq : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104450.exe -> Dropper.Delf.z : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104451.dll -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104452.exe -> Trojan.Revop.b : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104454.exe -> Downloader.Small.gl : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104456.dll -> Downloader.Agent.br : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104457.dll -> Trojan.Zapchast : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104465.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104468.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104469.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104471.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104472.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104473.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104475.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104476.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104477.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104478.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104480.exe -> Spyware.WinFetcher : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104487.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104491.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104492.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104494.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104497.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104500.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104501.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0104502.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105487.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105490.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105491.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105493.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105494.ocx -> Spyware.MediaMotor : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105496.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105498.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105500.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105501.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0105502.dll -> Spyware.PurityScan : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106487.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106490.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106492.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106495.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106496.ocx -> Spyware.MediaMotor : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106498.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106500.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106501.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106502.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106619.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106620.exe -> Worm.Locksky.z : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106621.exe -> Worm.Locksky.z : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106622.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106623.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106624.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106625.exe -> Backdoor.Agent.qr : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106626.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106627.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106628.exe -> Downloader.Small.chg : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106629.dll -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106630.exe -> Downloader.3746.A : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106631.exe -> Spyware.UrlSpy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106632.exe -> Spyware.IEDriver : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106633.exe -> Spyware.UrlSpy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106638.ocx -> Downloader.VB.ov : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106642.exe -> Dropper.Small.aeq : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106643.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106644.exe -> Downloader.Agent.tv : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106647.exe -> Trojan.LowZones.am : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106649.exe -> Downloader.Dyfuca.EI : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106651.dll -> Adware.Mirar : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106652.exe -> Adware.SaveNow : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106653.exe -> Downloader.Small.cds : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106654.exe -> Downloader.Tibs.bu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106655.exe -> Downloader.Agent.adv : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106656.exe -> Downloader.Small.aqu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106657.exe -> Downloader.Small.aqu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106658.exe -> Downloader.Small.aqu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106659.exe -> Trojan.Dialer.u : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106660.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106662.srg -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106663.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106664.exe -> Downloader.Small.awa : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106665.dll -> Trojan.Agent.eu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106666.exe -> Downloader.CWS.r : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106667.exe -> Downloader.CWS.r : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106668.dll -> Spyware.Ihbo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106669.dll -> Spyware.Ihbo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0106670.exe -> Downloader.CWS.s : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107785.exe -> Adware.MediaMotor : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107788.exe -> Not-A-Virus.Hoax.Win32.Renos.av : Cleaned with backup
   C:\WINDOWS\C.exe -> Adware.MidADle : Cleaned with backup
   C:\WINDOWS\K3.exe -> Adware.MidADle : Cleaned with backup
   C:\WINDOWS\piz..exe/eee2.exe -> Adware.MediaMotor : Cleaned with backup
   C:\WINDOWS\polall1t.exe -> Downloader.Agent.ae : Cleaned with backup
   C:\WINDOWS\seli.exe/eee2.exe -> Adware.MediaMotor : Cleaned with backup
   C:\WINDOWS\SYSTEM32\ADPTIF03.exe -> Spyware.AdSrve : Cleaned with backup
   C:\WINDOWS\SYSTEM32\ASFSIPC8.exe -> Spyware.AdSrve : Cleaned with backup
   C:\WINDOWS\SYSTEM32\AVMETER0.exe -> Spyware.UrlSpy : Cleaned with backup
   C:\WINDOWS\SYSTEM32\bbchk.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\WINDOWS\SYSTEM32\BIDISPL6.exe -> Spyware.AdSrve : Cleaned with backup
   C:\WINDOWS\SYSTEM32\elitefjt32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\WINDOWS\SYSTEM32\kalvyfd32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\WINDOWS\SYSTEM32\loader.exe -> Downloader.VB.vs : Cleaned with backup
   C:\WINDOWS\SYSTEM32\maxd64.exe -> Trojan.Dialer.ay : Cleaned with backup
   C:\WINDOWS\SYSTEM32\mirindaspl.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\WINDOWS\SYSTEM32\mmxp2passion.exe -> Downloader.VB.uc : Cleaned with backup
   C:\WINDOWS\SYSTEM32\mspostsp.exe -> Trojan.Inject.i : Cleaned with backup
   C:\WINDOWS\SYSTEM32\msshed32.exe -> Downloader.Delf.zw : Cleaned with backup
   C:\WINDOWS\SYSTEM32\msupdate32.dll -> Proxy.Agent.ij : Cleaned with backup
   C:\WINDOWS\SYSTEM32\qecjkfa.exe_ -> Downloader.Agent.ae : Cleaned with backup
   C:\WINDOWS\SYSTEM32\sachostm.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\WINDOWS\SYSTEM32\vxgame6.exe -> Trojan.Small : Cleaned with backup
   C:\WINDOWS\SYSTEM32\vxgamet2.exe -> Trojan.Small : Cleaned with backup
   C:\WINDOWS\SYSTEM32\vxgamet3.exe -> Dropper.Agent.abu : Cleaned with backup
   C:\WINDOWS\SYSTEM32\vxh8jkdq2.exe -> Not-A-Virus.Hoax.Win32.Renos.av : Cleaned with backup
   C:\WINDOWS\SYSTEM32\winrun.exe -> Downloader.Small.bnz : Cleaned with backup
   C:\WINDOWS\SYSTEM32\wwwloader.exe -> Downloader.Small.cho : Cleaned with backup

::Report End

there is a website i can't log on to for work, that goes through "citrix metaframe" and I don't know if it's a problem with the website or my pc. everything is running fine, no pop ups but the last 2 days my pc is running slower and internet explorer keeps giving me popups saying there was a problem connecting to the page i was trying to get to. Thanks!

Tech Clinic / spy sherrif

« on: February 08, 2006, 11:17:39 PM »

Hi, I did run the ATF cleaner in safe mode, and here's the Blacklight log:

02/08/06 21:42:23 [Info]: BlackLight Engine 1.0.30 initialized
02/08/06 21:42:23 [Info]: OS: 5.1 build 2600 (Service Pack 1)
02/08/06 21:42:24 [Note]: 7019 4
02/08/06 21:42:24 [Note]: 7005 0
02/08/06 21:42:45 [Note]: 7006 0
02/08/06 21:42:45 [Note]: 7011 2456
02/08/06 21:42:46 [Note]: FSRAW library version 1.7.1014
02/08/06 21:44:16 [Note]: 4013 30229
02/08/06 21:44:16 [Note]: 4020 94 6160384
02/08/06 21:44:16 [Note]: 4018 94 6160384
02/08/06 21:45:34 [Note]: 7007 0

this is the first ewido report:
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         10:24:42 PM, 2/5/2006
+ Report-Checksum:      F5C1E2E1

+ Scan result:

   HKLM\SOFTWARE\Desktop\LicenseStores -> Spyware.MidAddle : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC3BBF86-E4EC-4412-9676-8355468B3B05} -> Spyware.Maxspeed : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges -> Trojan.Small : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.45:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.50:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.51:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.52:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.78:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.81:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.82:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.83:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.84:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.85:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.86:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.87:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.88:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.89:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.90:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.91:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.93:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.94:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.95:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.96:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.97:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.98:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.99:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.100:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.101:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.102:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.103:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.104:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.105:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.106:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.107:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.108:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.109:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.110:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.111:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.112:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.113:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.114:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.115:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.116:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.134:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.135:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.138:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   :mozilla.153:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.154:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.163:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.164:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.165:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.166:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.167:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.168:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.169:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.174:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.176:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.179:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.180:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.181:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.185:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.186:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.201:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.202:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.203:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.204:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.205:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.213:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.214:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.215:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
   :mozilla.224:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.225:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.226:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.227:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.236:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.237:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.238:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.239:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.243:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.244:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.245:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.246:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.249:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.250:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.253:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.254:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.255:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.256:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.257:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.308:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.336:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
   :mozilla.340:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
   :mozilla.341:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.349:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.361:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.373:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.385:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
   :mozilla.386:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.387:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.398:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.399:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.412:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
   :mozilla.413:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
   :mozilla.414:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.415:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.416:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.417:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.433:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.434:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
   :mozilla.435:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
   :mozilla.463:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.464:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.465:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.466:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.468:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
   :mozilla.477:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.479:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.490:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.491:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.492:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.493:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
   :mozilla.494:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
   :mozilla.495:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
   :mozilla.496:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
   :mozilla.497:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
   :mozilla.498:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
   :mozilla.501:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.509:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
   :mozilla.540:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.545:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.565:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.566:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.567:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.568:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.569:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.570:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.571:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.578:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.597:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.598:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.599:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.620:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.624:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.664:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Matchcraft : Cleaned with backup
   :mozilla.666:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.714:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.754:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.765:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.766:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.779:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.780:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.827:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.828:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.829:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.830:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.832:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.897:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Ad-logics : Cleaned with backup
   :mozilla.898:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Ad-logics : Cleaned with backup
   :mozilla.940:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   :mozilla.950:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
   :mozilla.958:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   :mozilla.970:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.980:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Bluemountain : Cleaned with backup
   :mozilla.16:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.19:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.20:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.21:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.22:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.23:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.24:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.25:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   :mozilla.29:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.32:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.33:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.38:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.51:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.52:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.53:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.54:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.55:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.56:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.57:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.82:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.83:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.84:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.87:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
   :mozilla.88:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.89:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.90:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.93:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.96:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
   :mozilla.112:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.113:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
   :mozilla.119:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.141:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.144:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.149:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.156:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   C:\Documents and Settings\Tony\Cookies\tony@-1shz2prbmdj6wvny-1sez2pra2dj6wfkicmazkcpg-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   C:\Documents and Settings\Tony\Cookies\tony@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlyaocpigoasdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   C:\Documents and Settings\Tony\Cookies\tony@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmyumdzidpaidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~448962.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~526117.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~533831.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~585870.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~595156.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~661390.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~755696.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~758442.tmp -> Downloader.WinTool : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0095988.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0095989.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097988.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097990.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097991.exe -> Spyware.CashBack : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097992.exe -> Spyware.CashBack : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097996.dll -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097997.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097998.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098010.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098014.dll -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098015.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098016.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098033.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098034.dll -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098035.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098036.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098042.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098043.ocx -> Downloader.VB.ov : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098045.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098047.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098048.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098049.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098050.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098052.exe -> Downloader.Small.cds : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098054.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098055.exe -> Trojan.Dialer.u : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098056.exe -> Downloader.CWS.r : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098057.exe -> Dropper.Agent.abu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098058.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098080.dll -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098081.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098085.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098086.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098090.exe -> Downloader.Small.cds : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098091.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098092.exe -> Worm.Locksky.z : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098093.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098095.exe -> Trojan.Dialer.u : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098096.exe -> Downloader.CWS.r : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098097.exe -> Downloader.Small.chg : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098098.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098099.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098100.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098101.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098103.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099122.dll -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099123.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099126.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099127.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099130.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099131.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099132.ocx -> Downloader.VB.ov : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099134.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099136.exe -> Worm.Locksky.z : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099137.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099138.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099139.exe -> Trojan.Dialer.u : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099140.exe -> Downloader.CWS.r : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099141.exe -> Dropper.Agent.abu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099142.exe -> Downloader.Small.chg : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099143.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099144.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099145.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099146.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099147.exe -> Downloader.Small.cho : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099148.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099149.exe -> Downloader.Small.cds : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100122.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100123.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100125.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100126.dll -

Tech Clinic / spy sherrif

« on: February 06, 2006, 11:59:47 PM »

I FOUND THE ORIGINAL REPORT, HIDDEN UNDER A FOLDER TITLED "RECENT"; THIS FIRST ONE IS FROM YESTERDAY, DON'T KNOW IF YOU STILL NEED IT OR NOT, SO HERE IT IS:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         10:24:42 PM, 2/5/2006
+ Report-Checksum:      F5C1E2E1

+ Scan result:

   HKLM\SOFTWARE\Desktop\LicenseStores -> Spyware.MidAddle : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC3BBF86-E4EC-4412-9676-8355468B3B05} -> Spyware.Maxspeed : Cleaned with backup
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges -> Trojan.Small : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.45:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.50:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.51:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.52:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.78:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.81:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.82:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.83:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.84:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.85:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.86:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.87:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.88:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.89:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.90:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.91:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.93:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.94:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.95:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.96:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.97:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.98:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.99:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.100:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.101:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.102:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.103:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.104:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.105:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.106:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.107:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.108:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.109:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.110:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.111:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.112:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.113:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.114:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.115:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.116:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.134:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.135:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.138:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   :mozilla.153:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.154:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.163:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.164:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.165:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.166:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.167:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.168:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.169:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.174:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.176:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.179:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.180:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.181:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.185:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.186:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.201:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.202:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.203:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.204:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.205:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.213:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.214:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.215:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
   :mozilla.224:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.225:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.226:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.227:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.236:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.237:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.238:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.239:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.243:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.244:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.245:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.246:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.249:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.250:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.253:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.254:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.255:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.256:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.257:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.308:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.336:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
   :mozilla.340:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
   :mozilla.341:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.349:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.361:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.373:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.385:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
   :mozilla.386:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.387:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.398:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.399:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.412:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
   :mozilla.413:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
   :mozilla.414:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.415:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.416:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.417:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.433:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.434:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
   :mozilla.435:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
   :mozilla.463:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.464:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.465:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.466:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.468:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
   :mozilla.477:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.479:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.490:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.491:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.492:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.493:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
   :mozilla.494:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
   :mozilla.495:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
   :mozilla.496:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
   :mozilla.497:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
   :mozilla.498:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
   :mozilla.501:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.509:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
   :mozilla.540:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.545:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.565:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.566:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.567:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.568:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.569:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.570:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.571:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
   :mozilla.578:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.597:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.598:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.599:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.620:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.624:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.664:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Matchcraft : Cleaned with backup
   :mozilla.666:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.714:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.754:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.765:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.766:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.779:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.780:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.827:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.828:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.829:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.830:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.832:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.897:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Ad-logics : Cleaned with backup
   :mozilla.898:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Ad-logics : Cleaned with backup
   :mozilla.940:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   :mozilla.950:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
   :mozilla.958:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   :mozilla.970:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.980:C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\xb9fxqaz.default\cookies.txt -> Spyware.Cookie.Bluemountain : Cleaned with backup
   :mozilla.16:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.19:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.20:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.21:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.22:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.23:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.24:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.25:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   :mozilla.29:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.32:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.33:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.38:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.51:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.52:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.53:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.54:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.55:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.56:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.57:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.82:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.83:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.84:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.87:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
   :mozilla.88:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.89:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.90:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.93:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.96:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
   :mozilla.112:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.113:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
   :mozilla.119:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.141:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.144:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.149:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.156:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\poe7l0sn.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   C:\Documents and Settings\Tony\Cookies\tony@-1shz2prbmdj6wvny-1sez2pra2dj6wfkicmazkcpg-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   C:\Documents and Settings\Tony\Cookies\tony@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlyaocpigoasdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   C:\Documents and Settings\Tony\Cookies\tony@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmyumdzidpaidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~448962.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~526117.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~533831.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~585870.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~595156.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~661390.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~755696.tmp -> Downloader.WinTool : Cleaned with backup
   C:\Documents and Settings\Tony\Local Settings\Temp\~758442.tmp -> Downloader.WinTool : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0095988.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0095989.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097988.exe -> Spyware.AproposMedia : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097990.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097991.exe -> Spyware.CashBack : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097992.exe -> Spyware.CashBack : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097996.dll -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097997.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0097998.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098010.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098014.dll -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098015.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098016.exe -> Spyware.BargainBuddy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098033.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098034.dll -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098035.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098036.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098042.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098043.ocx -> Downloader.VB.ov : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098045.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098047.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098048.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098049.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098050.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098052.exe -> Downloader.Small.cds : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098054.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098055.exe -> Trojan.Dialer.u : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098056.exe -> Downloader.CWS.r : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098057.exe -> Dropper.Agent.abu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098058.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098080.dll -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098081.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098085.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098086.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098090.exe -> Downloader.Small.cds : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098091.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098092.exe -> Worm.Locksky.z : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098093.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098095.exe -> Trojan.Dialer.u : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098096.exe -> Downloader.CWS.r : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098097.exe -> Downloader.Small.chg : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098098.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098099.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098100.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098101.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0098103.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099122.dll -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099123.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099126.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099127.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099130.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099131.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099132.ocx -> Downloader.VB.ov : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099134.exe -> Proxy.Small.ea : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099136.exe -> Worm.Locksky.z : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099137.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099138.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099139.exe -> Trojan.Dialer.u : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099140.exe -> Downloader.CWS.r : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099141.exe -> Dropper.Agent.abu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099142.exe -> Downloader.Small.chg : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099143.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099144.exe -> Worm.Delf.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099145.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099146.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099147.exe -> Downloader.Small.cho : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099148.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0099149.exe -> Downloader.Small.cds : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100122.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100123.dll -> Trojan.Agent.nw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100125.exe -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100126.dll -> Backdoor.Small.jo : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100128.dll -> Worm.Locksky.p : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0100129.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information&#

Tech Clinic / spy sherrif

« on: February 06, 2006, 11:45:16 PM »

I just tried looking for the ewido report, and I still couldn't find it, so I ran it again, hope that's okay. Everything I see on there, 25 total infections, I saw last night with the original scan. Here it is, thanks:

ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         10:41:40 PM, 2/6/2006
+ Report-Checksum:      B3AF1A88

+ Scan result:

   C:\Documents and Settings\Michelle\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107790.exe -> Adware.MidADle : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107791.exe -> Adware.MidADle : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107792.exe/eee2.exe -> Adware.MediaMotor : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107793.exe -> Downloader.Agent.ae : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107794.exe/eee2.exe -> Adware.MediaMotor : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107795.exe -> Spyware.AdSrve : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107796.exe -> Spyware.AdSrve : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107797.exe -> Spyware.UrlSpy : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107799.exe -> Spyware.AdSrve : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107800.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107801.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107802.exe -> Downloader.VB.vs : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107803.exe -> Trojan.Dialer.ay : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107804.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107805.exe -> Downloader.VB.uc : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107806.exe -> Trojan.Inject.i : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107807.exe -> Downloader.Delf.zw : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107808.dll -> Proxy.Agent.ij : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107809.exe -> Worm.Locksky.ab : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107810.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107811.exe -> Trojan.Small : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107812.exe -> Dropper.Agent.abu : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107814.exe -> Downloader.Small.bnz : Cleaned with backup
   C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP121\A0107815.exe -> Downloader.Small.cho : Cleaned with backup

::Report End

Tech Clinic / spy sherrif

« on: February 06, 2006, 10:38:39 PM »

Hi! Well, I have one actual folder labeled "backups" on my desktop, but within that folder there are 25 actual files. When I tried to open one of the files a window pops up saying " you are attempting to open a file of type Application Extension ( .dll). also says if I try to open it, it could damage my system. When I tried to open some of the other files it says it couldn't open them because it needed to know what program created them. Also, with the Smitrem, the first time I ran it, when it got to the part abaout disk clean up and it said it could take up to 3 hours to clean, right after that message everything just disappeared back to normal, and I wasn't sure if it cleaned it at all, so I ran it again. I will try to find the Edwido report.

I just realized that before installing spysweeeper my mozilla firefox was disabled. Everything is running fine, but there is a website for my job that I can't get into anymore, and it goes through Micorosoft outlook. Also, this spy sheriff thing I had, or one of the many things I had, sent out a bunch of e-mail under my name to every contact on my mail list, under the heading "your e-bay account has been suspended", and now road runner has sent me an e-mail saying I'm a spammer. What do I do next, after I find that report?
Do I still have any security protection, like the adaware se, or spy sweeper, actually enabled? Thanks!

Tech Clinic / spy sherrif

« on: February 06, 2006, 12:46:21 AM »

Logfile of HijackThis v1.99.1
Scan saved at 11:26:06 PM, on 2/5/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Michelle\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.dellnet.com/
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

smitRem © log file
version 2.8

by noahdfear

Microsoft Windows XP [Version 5.1.2600]
The current date is: Sun 02/05/2006
The current time is: 21:58:25.39

Running from
C:\Documents and Settings\Michelle\Desktop\smitRem

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run SharedTask Export

SharedTaskScheduler exporter by Grinler

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key

PSGuard.com key not present!

checking for WinHound.com key

WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 1440 'explorer.exe'
Killing PID 1440 'explorer.exe'

Starting registry repairs

Registry repairs complete

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SharedTask Export after registry fix

SharedTaskScheduler exporter by Grinler

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deleting files

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Remaining Post-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~

~~~ Wininet.dll ~~~

CLEAN!

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

I'M SORRY I CAN'T FIND THE EDWIDO REPORT! CAN YOU TELL ME HOW TO FIND IT, BECAUSE I WAS SURE THAT I SAVED IT, BUT I DID HAVE AN ERROR MESSAGE WHEN I RAN THE SMITREM, AND NOW I HAVE A BUNCH OF FOLDERS MARKED " BACKUPS" , I THINK I RAN IT TWICE BY ACCIDENT BECAUSE AN ERROR MESSAGE CAME UP SAYING SOMETHING ABOUT WORKING IN SAVE MODE OR DO I WANT TO RESTORE , SO I DID BOTH. OOPS! PLEASE HELP, I THOUGHT I DID THIS RIGHT CUZ IT TOOK ABOUT 3 HOURS, THANKS!

Tech Clinic / spy sherrif

« on: February 04, 2006, 10:41:34 PM »

thanks for your quick response; I work all weekend so I am going to try to do this tonight or tomorrow. will let you know how it goes, thanks!

Tech Clinic / spy sherrif

« on: February 03, 2006, 11:16:11 PM »

Logfile of HijackThis v1.99.1
Scan saved at 10:12:02 PM, on 2/3/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\wanmpsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\windows\eee2.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Michelle\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {56B27C99-B174-BE88-2C06-BDCE69BCE2BA} - C:\WINDOWS\System32\msiocvv.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [ahub] C:\WINDOWS\ahub.exe
O4 - HKLM\..\Run: [edebqf] C:\WINDOWS\edebqf.exe
O4 - HKLM\..\Run: [hknuj] C:\WINDOWS\hknuj.exe
O4 - HKLM\..\Run: [ncrmvep] C:\WINDOWS\ncrmvep.exe
O4 - HKLM\..\Run: [ajah] C:\WINDOWS\ajah.exe
O4 - HKLM\..\Run: [ybsrylkj] C:\WINDOWS\ybsrylkj.exe
O4 - HKLM\..\Run: [bcpwfaz] C:\WINDOWS\bcpwfaz.exe
O4 - HKLM\..\Run: [dofuhgl] C:\WINDOWS\dofuhgl.exe
O4 - HKLM\..\Run: [oxwz] C:\WINDOWS\oxwz.exe
O4 - HKLM\..\Run: [hTm2lb] C:\documents and settings\tony\local settings\temp\hTm2lb.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [C] C:\windows\C.exe
O4 - HKLM\..\Run: [K3] C:\windows\K3.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [inrh95] C:\WINDOWS\System32\inrh95
O4 - HKLM\..\Run: [igfxsrvs] C:\WINDOWS\System32\igfxsrv.exe
O4 - HKLM\..\Run: [tm~*] C:\windows\eee2.exe
O4 - HKLM\..\Run: [loader.exe] C:\WINDOWS\System32\loader.exe
O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
O4 - HKLM\..\Run: [wahm] C:\windows\eee2.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\HJT\AdwareAlert.Exe -boot
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O20 - AppInit_DLLs: C:\WINDOWS\System32\UDHISAPI804h.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

THIS IS MY FIRST LOG FILE; THANKS FOR YOUR HELP!

Tech Clinic / spy sherrif

« on: February 03, 2006, 03:16:42 PM »

can someone help me? a few days ago a warning appeared on my laptop saying my computer was infected. on my desktop this red and black spy sherrif message appeared. a couple of days later, i couldn't even get onto the internet. this thing also apparently sent out e-mails to all of my contacts, and about 80 to myself. i bought spy sweeper and performed the scan/ sweep. now everything appears fine, i can get onto the internet, no more e-mails to myself from this thing ( i deleted them) but my desktop is still blue, and my favorites list is different; it;s not my updated one, and my microsoft works calendar does not open automatically with my reminders, and it should because it was still opening when i had the spy sherrif on there. can anyone help? i'm really new to all of this! thanks!

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

Pages: [1]

TheTechGuide Forum

News:

Show Posts

Messages - amp

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif

Tech Clinic / spy sherrif