« previous next »
Pages: [1]

Author Topic: Cannot run Regedit or Cmd  (Read 2174 times)

Offline Scavengergirl

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
    • http://www.myspace.com/scavengergirl
Cannot run Regedit or Cmd
« on: March 25, 2006, 02:30:01 PM »
http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' /> Hi-
I'm a pretty much a newbie, I don't know a whole lot but I'm trying to learn! I'm having an issue similar to this: http://www.thetechguide.com/forum/lofivers...php/t22573.html

It started like this: I read an article on MSN - how to speed up XP with registry changes, I tried it at work, liked it so I decided to do it at home. That's when I realized I had a problem. I attempting to run regedit; the black (dos?) screen popped up, then closed. Tried multiple times, same result.
 Tried to run cmd, thinking I could run regedit from there, the window pops up and I get this error message:

c:windows\system32\cmd.com
The NTVDM CPU has encountered an illegal instruction.
CS:0563 IP:0104 OP:fe a1 4b 02 a3 Choose 'Close' to terminate the application.

I'm given a choice of close & ignore but both just close the window.

Then I type command in run and get the window, try regedit, and the screen closes.

So I ran my Norton 2005 (trial) and came up with nothing.

I ran Ad-Aware SE Personal and noticed it was scanning a folder named "Complete" C:\Documents and Settings\Roz\Complete
Not a folder I created. I had to open it by typing the path - I can't see it even though I have show hidden files selected. It's filled with small, random zip files (14,000+) all saved within a matter of hours on the same day. I ran a Norton scan on 1 and came up with nothing. I deleted all the files but I can't delete the folder. It's really hidden, I tried changing it's properties to make it not hidden, and tried different permissions settings so I can delete it  but can't - even as an Administrator. From what I've read that appears to be something from Limewire. I already uninstalled Limewire, ran a search for all limewire files and deleted those.

So what I want to do is this:
Delete that 'Complete' folder - even if it doesn't matter -only because it doesn't want me to.
Find and fix whatever is keeping my cmd and regedit function from functioning properly.
Also maybe get rid of the Verizon stuff, no longer my isp, unless it really doesn't matter.

This is my log:

Logfile of HijackThis v1.99.1
Scan saved at 2:15:10 PM, on 3/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
c:\windows\system32\dllcache\win32\winlogon.exe
C:\Program Files\eM\Bay Reader\Shwicon2k.exe
C:\Program Files\Ahead\InCD\InCD.exe
c:\windows\system32\dllcache\win32\winlogon.exe
c:\windows\system32\dllcache\win32\csrss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\HJT\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CVirtualDNSObj Object - {86C510E9-97EF-4749-914F-0280247BE3A6} - C:\WINDOWS\VirtualDNS.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [showicon2k] C:\Program Files\\eM\Bay Reader\Shwicon2k.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\RunServices: [p2pnetworking] p2pnetworking.exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128183872750
O16 - DPF: {776706AE-CACA-4EA3-93DF-BB83D9259DA9} (MailConfigure Class) - http://supportservices.msn.com/us/oeconfig/MailCfg.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} - http://www2.verizon.net/update/msnwebinsta...es/vzWebIns.CAB
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - https://music.msn.com/client/msnmusax2525.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Thanks!
http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Cannot run Regedit or Cmd
« Reply #1 on: March 25, 2006, 04:31:58 PM »
Can you do the following please

I'm not sure if you tried any of the steps outlined in that link you posted
But if you have p2pnetwork.bfu
Can you delete it please, let's update it

Can you open "MyComputer"
Double click to open Local Disk C: drive
Right click an empty spot  and left click NEW>>Folder
A new folder will be placed in the C: folder , name it BFU
So you now have C:\BFU

Please download Brute Force Uninstaller
Reminder, choose SAVE rather than OPEN
Then Extract (UNZIP) the contents to the (C:\BFU) folder you just made
So you now have C:\Bfu\bfu.exe

[color=\"#CC0000\"]RIGHT CLICK HERE[/color]
 and choose "Save As" (in IE it's "Save Target As") in order to download  [color=\"#3333FF\"]Alcra Remover[/color].
Save it in the folder you made earlier (c:\BFU)
So you now have C:\Bfu\alcanshorty.bfu

==Download and Install
Windows Cleanup! 4.0
Don't run it yet

==Download and then Install
Ewido anti-malware 3.5

When installing, under "Additional Options" Uncheck
 "Install background guard" and "Install scan via context menu".

From the main ewido screen, click on Update in the left menu, then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update successful")
Close out Ewido for now, we'll need it later
If for some reason the Updater won't work can you manually download the
Updates from this link after you have Ewido installed
http://www.ewido.net/en/download/updates/

Please save these instructions to a Notepad file and save it to your Desktop for reference
or Print them out!
I recommend that you save the instructions to a text file so you can copy and paste some instructions below

Close down all browser windows please, including this one
Remain offline for the rest of these instructions please

Can you disable Norton's script blocking until we have you clean please
To disable Norton AntiVirus Script Blocking

   1. Start Norton AntiVirus.
      If Norton AntiVirus is installed as part of Norton SystemWorks or Norton Internet Security, then start that program.
   2. Click Options.
      If you see a menu, click Norton AntiVirus.
   3. In the left pane, click Script Blocking.
   4. In the right pane, uncheck Enable Script Blocking (recommended).
   5. Click OK.

Afterwards
Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- NTLOAD

Double click on it--- STOP the service--If running
In the drop down menu, change the startup type to Disabled
Do the same for this one please
NTSVCMGR
Exit  Service config window

We're going too do a few fixes with Hijackthis
Do a "System scan only" with Hijackthis and put a check next to these entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
O2 - BHO: CVirtualDNSObj Object - {86C510E9-97EF-4749-914F-0280247BE3A6} - C:\WINDOWS\VirtualDNS.dll
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} - http://www2.verizon.net/update/msnwebinsta...es/vzWebIns.CAB

After you have ticked the above entry, close All other open windows
Leave Hijackthis open and click FIX CHECKED
YES to the prompt
Afterwards, in Hijackthis>>Click on CONFIG under Other stuff on the bottom right
Then select MISC TOOLS
Open the "Delete File on Reboot" button
In the File name field, copy and paste, or type the following line below in bold
Then click the OPEN button

c:\windows\system32\dllcache\win32\winlogon.exe

Hijackthis should prompt that the file will be deleted and you need to reboot your computer
DON'T Reboot the computer yet>>Select NO at the prompt
Do exactly the same routine for these next paths to the file names below

c:\windows\system32\dllcache\win32\csrss.exe

and then this one
C:\WINDOWS\VirtualDNS.dll

Stay with Hijackthis>> select "Delete an NT Service" under System Tools
In the new box that opens, type the following and then hit OK afterwards

NTLOAD
Don't reboot the computer yet if prompted
Instead do the exact same routine for this next one
NTSVCMGR
Again, don't reboot the computer yet, you can now exit hijackthis

=Open the C:\BFU folder
Double click to run BFU.exe
Use the "Open Script file" button (the folder icon next to Scriptfile to execute)
Navigate to alcanshorty.bfu in the C:\BFU folder
Right click alcanshorty.bfu and choose Select
In Brute Force Uninstaller select Execute
Wait for the "complete script execution" box to pop up and press OK.
Press exit to terminate the BFU program.

REBOOT the computer now!

Back in Windows, don't open a browser yet, instead
==Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

    * Empty Recycle Bins
    * Delete Cookies
    * Delete Prefetch files
    * Cleanup! All Users

Click OK
Press the CleanUp! button to start the program.
When it's done, decline to log off or restart the computer

==Open Ewido Anti-malware
Click on the Scanner button on the left menu
Select Complete System Scan
*If Ewido finds something it will prompt you with "Infected Object found"
Ensure the following are Selected
  *1. Perform Action = Remove
  *2. Create Encrypted Backup in Quarantine (Recommended)
  *3. Perform action with all infections
  Then click OK
When Ewido has finished it's scan click the "Save Report" button
Save the report to the desktop or someplace you will remember
Exit Ewido
NOTE: When Ewido is running, don't open any other windows, let it run uninterrupted

Reboot the computer one more time

Come back here and post a fresh hijackthis log and the Whole report from Ewido's please
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline Scavengergirl

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
    • http://www.myspace.com/scavengergirl
Cannot run Regedit or Cmd
« Reply #2 on: March 26, 2006, 01:31:14 PM »
Ok- I followed all of the directions - after running BFU - Right before [the "complete script execution" box to pop up and press OK.] My Documents folder popped open with the folders displayed - Not my normal setting.

I might also mention I normally use Firefox for browsing and CCleaner to clean up my system.

This is what my logs have to say:

Logfile of HijackThis v1.99.1
Scan saved at 1:25:28 PM, on 3/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eM\Bay Reader\Shwicon2k.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Eraser\eraser.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Roz\Desktop\BFU\HJT\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [showicon2k] C:\Program Files\\eM\Bay Reader\Shwicon2k.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128183872750
O16 - DPF: {776706AE-CACA-4EA3-93DF-BB83D9259DA9} (MailConfigure Class) - http://supportservices.msn.com/us/oeconfig/MailCfg.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - https://music.msn.com/client/msnmusax2525.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


---------------------------------------------------------
 ewido anti-malware - Scan report
---------------------------------------------------------

 + Created on:         1:12:31 PM, 3/26/2006
 + Report-Checksum:      5E903662

 + Scan result:

   HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Cleaned with backup
   C:\Documents and Settings\Roz\Desktop\BFU\HJT\backups\backup-20060325-225320-815.dll -> Adware.Webdir : Cleaned with backup
   :mozilla.38:C:\Documents and Settings\Roz\My Documents\Firefox\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
   :mozilla.40:C:\Documents and Settings\Roz\My Documents\Firefox\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
   :mozilla.41:C:\Documents and Settings\Roz\My Documents\Firefox\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
   :mozilla.47:C:\Documents and Settings\Roz\My Documents\Firefox\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
   :mozilla.48:C:\Documents and Settings\Roz\My Documents\Firefox\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
   :mozilla.57:C:\Documents and Settings\Roz\My Documents\Firefox\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\Roz\My Documents\Firefox\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.6:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
   :mozilla.7:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.8:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.9:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.10:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.11:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.12:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.13:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.14:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.15:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
   :mozilla.16:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.17:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.19:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
   :mozilla.20:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
   :mozilla.43:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.45:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.46:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.47:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.48:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.52:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.53:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.54:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.55:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.56:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.57:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.58:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.59:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.60:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.61:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.62:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.64:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.65:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.66:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.81:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.82:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.83:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.84:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.85:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.86:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.87:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.88:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.89:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.90:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.91:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.93:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.94:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.95:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.96:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.97:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.98:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.99:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.100:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.101:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.102:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.108:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.110:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.111:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.112:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.113:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.114:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.115:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.116:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.119:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.120:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.121:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.122:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.123:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.124:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.125:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.126:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.127:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.128:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.129:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.130:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.134:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.135:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.138:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.140:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.141:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.144:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.145:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.146:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.147:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.148:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.149:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.150:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.151:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.152:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.153:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.154:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.155:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.156:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.157:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.165:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.166:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.168:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
   :mozilla.169:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
   :mozilla.188:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.189:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.190:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.191:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.192:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.200:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
   :mozilla.201:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
   :mozilla.202:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
   :mozilla.208:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.209:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.210:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.211:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.215:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.216:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.223:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.230:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.231:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.232:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.233:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.234:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.235:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.236:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.237:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
   :mozilla.238:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
   :mozilla.239:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
   :mozilla.243:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.251:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
   :mozilla.252:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
   :mozilla.253:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.272:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.273:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.276:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.278:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.279:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.280:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.281:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.282:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.283:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.284:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.285:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.286:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.287:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.290:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
   :mozilla.291:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
   :mozilla.293:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
   :mozilla.294:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
   :mozilla.295:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.296:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.304:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.342:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.354:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.355:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.356:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.365:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.374:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.375:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.376:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.381:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.382:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.384:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.385:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.390:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.394:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.395:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.396:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.402:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.404:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.414:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.419:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.431:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.445:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.446:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.447:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.448:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.449:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.450:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.451:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.452:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.462:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   :mozilla.474:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.475:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.476:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.477:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.478:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.479:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.480:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.483:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
   :mozilla.484:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
   :mozilla.485:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
   :mozilla.486:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.487:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
   :mozilla.493:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.503:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.504:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.505:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.506:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.507:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.508:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.513:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.517:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.519:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.520:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.531:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.532:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.533:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.534:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.539:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.541:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup
   :mozilla.542:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup
   :mozilla.543:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.544:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   :mozilla.549:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.550:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.551:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.552:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.553:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.554:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Com : Cleaned with backup
   :mozilla.555:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Com : Cleaned with backup
   :mozilla.558:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.559:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.560:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.561:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.568:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
   :mozilla.581:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.582:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.588:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.589:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.591:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.592:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.617:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
   :mozilla.620:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.627:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.628:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.683:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
   :mozilla.696:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.697:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.698:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.699:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.700:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.701:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.702:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
   :mozilla.709:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.710:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.711:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.712:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.713:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.714:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.715:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.716:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.717:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.718:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.719:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.720:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.721:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.722:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.724:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   :mozilla.726:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.729:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.741:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
   :mozilla.744:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.746:C:\Documents and Settings\Roz\My Documents\I
Logged

Offline Scavengergirl

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
    • http://www.myspace.com/scavengergirl
Cannot run Regedit or Cmd
« Reply #3 on: March 26, 2006, 02:11:25 PM »
I didn't realize it was cut off so here is the end of the log:


mozilla.746:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.747:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.748:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.757:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.765:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.766:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.771:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.772:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.773:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   :mozilla.777:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.781:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.782:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.786:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.787:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.788:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.794:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.803:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
   :mozilla.810:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.811:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.815:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.816:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.817:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.818:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.822:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
   :mozilla.823:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.824:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.825:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.828:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.831:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.833:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.834:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.835:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.836:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.837:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.838:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.839:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.840:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.841:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.842:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.845:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.846:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.850:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.851:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.855:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.856:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.859:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.860:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.861:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.870:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.871:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.874:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.877:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.883:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.884:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.887:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.890:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.894:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.900:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.901:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.902:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.903:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.904:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.905:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   :mozilla.907:C:\Documents and Settings\Roz\My Documents\Info\Firefox Profile\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
   C:\WINDOWS\system32\dllcache\win32\load.bat -> Trojan.Zapchast : Cleaned with backup
   C:\WINDOWS\system32\dllcache\win32\psshutdown.exe -> Not-A-Virus.HackTool.Win32.Brumer.e : Cleaned with backup
   C:\WINDOWS\system32\dllcache\win32\red.exe -> Not-A-Virus.RemoteAdmin.Win32.NirComLine.12 : Cleaned with backup
   C:\WINDOWS\system32\dllcache\win32\services.exe -> Backdoor.Iroffer.b : Cleaned with backup
   C:\WINDOWS\system32\ps.exe -> Dropper.Agent.mf : Cleaned with backup
   C:\WINDOWS\system32\wgse.exe -> Trojan.Runner.h : Cleaned with backup


::Report End
Logged

Offline Scavengergirl

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
    • http://www.myspace.com/scavengergirl
Cannot run Regedit or Cmd
« Reply #4 on: March 26, 2006, 05:21:11 PM »
I ran Edwido again - this time in safe mode - and came out clean.
I tried regedit & cmd again and now they both work! java script:emoticon('http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />', 'smid_4')
smilie
The only thing I'd like to know now is how to get rid of that 'Complete' folder that I can't even see..
I figured I'd post one more log and see if there are any further suggestions.

Logfile of HijackThis v1.99.1
Scan saved at 5:19:04 PM, on 3/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\eM\Bay Reader\Shwicon2k.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Eraser\eraser.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Roz\Desktop\BFU\HJT\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [showicon2k] C:\Program Files\\eM\Bay Reader\Shwicon2k.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128183872750
O16 - DPF: {776706AE-CACA-4EA3-93DF-BB83D9259DA9} (MailConfigure Class) - http://supportservices.msn.com/us/oeconfig/MailCfg.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - https://music.msn.com/client/msnmusax2525.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe



---------------------------------------------------------
 ewido anti-malware - Scan report
---------------------------------------------------------

 + Created on:         5:00:40 PM, 3/26/2006
 + Report-Checksum:      44AB4732

 + Scan result:

   No infected objects found.


::Report End


Thanks for the help!
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Cannot run Regedit or Cmd
« Reply #5 on: March 26, 2006, 08:25:15 PM »
Can you try again resetting Windows to show hidden files and folders
* Click Start.
    * Open My Computer.
    * Select the Tools menu and click Folder Options.
    * Select the View Tab.
    * Under the Hidden files and folders heading select Show hidden files and folders.
    * Uncheck the Hide protected operating system files (recommended) option.
    * Uncheck the Hide Extensions for known file types
    * Click Yes to confirm.
    * Click OK.

then see if the Complete folder exists still
C:\Documents and Settings\Roz\Complete

Remove it if found and reverse to changes to rehide hidden files and folders
Your log looks good

*If everything is running better
Final Cleanup
We should clear all your restore points to ensure you don't restore any nasties that may be sitting idle
    Go to START>>RUN>>In the open field
    Type in
msconfig
Click OK
Click the "Launch System Restore" button
On the Left hand side click on "System Restore Settings"
Put a Check in "Turn off System Restore"
Apply it and OK out of there>>Reboot your computer
[/list]                          
Back in Windows, Go back and take the check out of "Turn off system restore"
This will reenable the System Restore feature and creates a new restore point

                *Install  SpywareBlaster 3.5.1 by JavaCool[/url]  
    *Will block bad ActiveX Controls
    *Block Malevolent cookies in Internet Explorer and Firefox
    *Restrict actions of potentially dangerous sites in Internet Explorer
After installation, Check for updates and then click the "Enable all protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"
                   
*Make sure your Anti-Virus software is always kept up to date and actively running in the background

*Check for updates with your anti-spyware programs and run a scan on a regular basis
In addition>>Open Spybot 1.4
Click the Immunize button on the left
OK>>Immunize at the top green cross
Please use the Immunize feature in Spybot after every update

+You may also choose to hold onto Ewido
Ewido will become a Limited version in a couple weeks
It's still a very good scanner to update and run once a month

*Keep up to date on Windows updates
This is the most important step in keeping your system secure

In addition: If you have Microsoft's Office products installed
You will find a link at Windows Updates named "Office Family"
This will include security updates for the Office products

Stay safe  http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />
« Last Edit: March 26, 2006, 08:35:31 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Pages: [1]
« previous next »