Author Topic: What Do I Do Now..... (Read 5348 times)

2-D · « **on:** January 16, 2006, 03:15:52 AM »

I turn on my computer...wait for it to log me in... everything loads up as it should and then i go to open something and everything freezes cant click, cant ctrl alt delete... nothing. so i run my computer in safe mode and go to msn config and disable some stuff from starting up. i restart and now im here.. the GUI is looking old, not the same blue interface that comes with XP.

i dont think posting a log would do much since almost all things that start up are disabled... but ill try to able everything and get the log... here is the log now.

Logfile of HijackThis v1.99.1
Scan saved at 12:15:05 AM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {22D003CE-6952-46C5-80B9-D19B479620AB} - (no file)
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - <a href='http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab' target='_blank' rel='nofollow'>http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab</a>
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

ill post another later..

EDIT: everything is the same... except some files come on startup.. everything looks the same..plz help...god....

Logfile of HijackThis v1.99.1
Scan saved at 12:19:57 AM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Userinit.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {22D003CE-6952-46C5-80B9-D19B479620AB} - (no file)
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSKExe] c:\PROGRA~1\mcafee\SPAMKI~1\spamkiller.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab\' target=\'_blank\' rel=\'nofollow\'>http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

2-D · « **Reply #1 on:** January 16, 2006, 04:41:03 AM »

I ALSO CANNOT HEAR SOUND!!!!!!!!!!!!!!!!!!!!!

2-D · « **Reply #2 on:** January 16, 2006, 07:15:58 AM »

god jesus plz help i know its only been an hour or so but if this isnt fixed soon in gonna be in some deep [censored]

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/sleep.gif\' class=\'bbc_emoticon\' alt=\'-_-\' />

i cant print <-- BIG PROBLEM
cant hear anything from my computer, except a lil beep from the brain
cant play soldat (lol)
cant use webcam
cant use mic
cant choose XP theme

many other things, prolly everything
lucky i have internet connection, cuz i cant do anything else

2-D · « **Reply #3 on:** January 16, 2006, 04:56:54 PM »

bump...........

2-D · « **Reply #4 on:** January 16, 2006, 06:31:21 PM »

bump?

guestolo · « **Reply #5 on:** January 16, 2006, 06:34:52 PM »

Go back to msconfig
Under the Startup tab>>enable all
Under the General tab>>Select Normal

Apply and close, but Don't reboot the computer yet

Instead, come back here and post a fresh hijackthis log

2-D · « **Reply #6 on:** January 16, 2006, 07:42:17 PM »

those settings where already like that lol

Logfile of HijackThis v1.99.1
Scan saved at 4:42:09 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSKExe] c:\PROGRA~1\mcafee\SPAMKI~1\spamkiller.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [Active Shield] C:\Program Files\Security Stronghold\Active Shield\ActiveShield.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab\' target=\'_blank\' rel=\'nofollow\'>http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

guestolo · « **Reply #7 on:** January 16, 2006, 07:53:27 PM »

Quote

those settings where already like that lol

I don't want to get too involved in your log
You now have McAfee's and Norton's installed
Or both were installed earlier
Having more than one active AV running in the background can cause conflicts and decrease system performance
I suggest you uninstall one or the other and then reboot your computer afterwards

Also: I didn't see Security Stronghold
I'm not familiar with this program, but can interfere with any fixes also, if we may have to do any

You appear to be installing what you don't need
Again, I'm not sure how much I want to get involved in this log

Having too many Security programs can cause interference with each other
and just be a waste of time attempting to help fix it

If you want to keep installing other programs, go ahead, you seem very impatient
But when your done, come back here and see if I can be of any help

2-D · « **Reply #8 on:** January 16, 2006, 08:03:43 PM »

i cant run anything. i cant connect printers or anything. im going to uninstal mcafee now because like you said i dont need it at all.

guestolo · « **Reply #9 on:** January 16, 2006, 08:05:44 PM »

That's not enough, is Security Stronghold something you paid for
If not, uninstall it for now too

2-D · « **Reply #10 on:** January 16, 2006, 08:08:00 PM »

no. ill uninstall that with mcafee.

uh.. sererity stronghold is already uninstalled, but the folder is still there with a few .dat files and one configuration setting..

and you can get into my log all you want, what ever will fix my computer ..k

guestolo · « **Reply #11 on:** January 16, 2006, 08:13:55 PM »

When you have the above uninstalled and reboot the computer
Come back here and post a fresh hijackthis log

2-D · « **Reply #12 on:** January 16, 2006, 08:19:03 PM »

Logfile of HijackThis v1.99.1
Scan saved at 5:18:50 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [Active Shield] C:\Program Files\Security Stronghold\Active Shield\ActiveShield.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - <a href='http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab' target='_blank' rel='nofollow'>http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab</a>
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

mcafee updater still installed..?

and since there isnt an active shield.exe anymore, or where it says it is then...wtf..

guestolo · « **Reply #13 on:** January 16, 2006, 08:30:11 PM »

Can you open Hijackthis>>Open Misc tools section>>Open Uninstall manager
Click the SAVE LIST button
Save this list too desktop then copy and paste back here the whole contents please

2-D · « **Reply #14 on:** January 16, 2006, 08:31:37 PM »

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/happy.gif\' class=\'bbc_emoticon\' alt=\'^_^\' />

Ad-Aware SE Personal
Adobe Photoshop CS
Adobe Reader 7.0.5
All Video Converter 2.3
ArcSoft Multimedia Email
ArcSoft PhotoImpression 4
ArcSoft PhotoImpression 5
AviSynth 2.5
BCM V.92 56K Modem
BitTorrent 4.2.0
Camtasia Studio 3
ccCommon
ccCommon
Change Extension
Cheat Engine 5.1.1
Cheat Engine 5.2
CleanUp!
Creative WebCam Center
Creative WebCam Instant Driver (1.01.02.0729)
Creative WebCam Instant User's Guide (English)
Delete FXP Files
Ease Audio Converter 1.81
ewido security suite
EZ-Tracks Toolbar
Flash Decompiler
Gaim (remove only)
Game Maker 6.1
Get Yahoo! Messenger
Google Earth
Google Toolbar for Internet Explorer
GTA2
GTK+ Runtime 2.6.9 rev a (remove only) [color=\"#FF0000\"] (suposivly Gaim, messenger program..)[/color]
GunboundWC
Hide IP Platinum 2.0
HijackThis 1.99.1
Intel® Extreme Graphics Driver
Internet Worm Protection
iPod for Windows 2005-03-23
iPod for Windows 2005-10-12
iTunes
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 4
Kodak EasyShare software
Korean Language Support
Lernout & Hauspie TruVoice American English TTS Engine
Lexmark 4300 Series
Lexmark X74-X75
LimeWire PRO 4.9.23
Lineage II
LiveUpdate 2.5 (Symantec Corporation)
Macromedia Extension Manager
Macromedia Fireworks 8
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash MX 2004
Macromedia Flash Player 8
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Macromedia Shockwave Player
MAIET Gunz
MapleStory
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Office Standard Edition 2003
Microsoft Office XP Professional with FrontPage
Mozilla Firefox (1.5)
MSN Messenger 7.5
MSN Music Assistant
MSRedist
MSXML 4.0 SP2 Parser and SDK
NAVShortcut
Nero 6 Ultra Edition
NoAdware v4.0
Norton AntiVirus 2006
Norton AntiVirus 2006 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton Internet Security
Norton Personal Firewall 2005 (Symantec Corporation)
Norton Protection Center
Norton WMI Update
NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
Pivot Stickfigure Animator
PlayFKiSS
Project64 1.6
QuickTime
Rakion_International
RealPlayer
Remove Hidden Data Tool
Rhapsody Player Engine
Save Flash 3.0
Security Task Manager 1.6f
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
Softnyx Launcher
Soldat 1.3.1
Soldat 1.3.1
Soldat BOT Creator/Editor 1.2.0
Soldat BuddyList 2.0
Soldat Map Maker 1.2
Sony Sound Forge 8.0b
Sothink SWF Decompiler
SPBBC
Speakonia
Spybot - Search & Destroy 1.4
Spyware Doctor 3.2
SpywareBlaster v3.4
Stop Motion Pro v4
Swift 3D Version 1.00
Symantec
Symantec Script Blocking Installer
SymNet
TeamSpeak 2 RC2
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
Ventrilo Client
Videora iPod Converter 0.91
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WarRock
Windows Driver Package - Argus (MR97310_VGA_DUAL_CAMERA) Image 04/27/2005 2.0.1.0
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WJ III Compuscore and Profiles Program
Xfire (remove only)
XoftSpy

guestolo · « **Reply #15 on:** January 16, 2006, 08:46:52 PM »

I'm not sure what Security Task Manager can do besides showing running processes
If it has the ability to disable bad processes on startup or any other time, disable it,
We want to see what bad guys are running, if any

Please disable Spyware Doctor's onguard tools, so it won't interfere with anything we have to do
To deactivate Spyware Doctor's OnGuard Tools

1. From within Spyware Doctor, click the "OnGuard" button on the left side.
2. Uncheck "Activate OnGuard".

If you didn't intentionally install Viewpoint
Access your add/remove programs via control panel and remove
Viewpoint Manager (Remove Only)
Viewpoint Media Player

Do a "System scan only" with Hijackthis and put a check next to these entries:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Active Shield] C:\Program Files\Security Stronghold\Active Shield\ActiveShield.exe
O18 - Filter: text/html - (no CLSID) - (no file)

After you have ticked the above entry, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Post back a fresh hijackthis log

2-D · « **Reply #16 on:** January 16, 2006, 10:16:33 PM »

Logfile of HijackThis v1.99.1
Scan saved at 7:16:10 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Documents and Settings\Administrator\Desktop\markz shizit\New Folder\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\Administrator\Desktop\LimeWires\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\PROGRA~1\ELTIMA~1\FLASHD~1\iebt.dll (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab\' target=\'_blank\' rel=\'nofollow\'>http://by112fd.bay112.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppD...ap/DigWXMSN.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/51/install/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

guestolo · « **Reply #17 on:** January 16, 2006, 10:59:56 PM »

Open Ewido
From the main ewido screen, click on Update in the left menu, then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update successful")
Close out Ewido for now, we'll need it later
If for some reason the Updater won't work can you manually download the
Updates from this link
http://www.ewido.net/en/download/updates/

Click on the Scanner button on the left menu
Select Complete System Scan
*If Ewido finds something it will prompt you with "Infected Object found"
Ensure the following are Selected
*1. Perform Action = Remove
*2. Create Encrypted Backup in Quarantine (Recommended)
*3. Perform action with all infections

Then click OK
When Ewido has finished it's scan click the "Save Report" button
Save the report to desktop
Exit Ewido
NOTE: When Ewido is running, don't open any other Windows

Post back here the report from Ewido's
Let me know of any problems, if any

2-D · « **Reply #18 on:** January 17, 2006, 12:38:59 AM »

oops... i opend firefox and flash while it was running... sorry didnt read the note... my bad...

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         9:37:47 PM, 1/16/2006
+ Report-Checksum:      ED8DE45

+ Scan result:

   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Need2FindBar Uninstall -> Spyware.Need2Find : Cleaned with backup
   :mozilla.14:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
   :mozilla.18:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
   :mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
   :mozilla.22:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
   :mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
   :mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
   :mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
   :mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
   :mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.62:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.64:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.65:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.66:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.93:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.96:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.97:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.98:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.100:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.102:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.113:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.120:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.121:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.122:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.130:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.138:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.140:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.141:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.154:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.170:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
   :mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.172:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.176:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.179:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.180:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
   :mozilla.191:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.192:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.193:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.194:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.195:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.196:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.197:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.199:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.201:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.202:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.203:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.204:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.205:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.206:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.207:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.208:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.209:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.210:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup
   :mozilla.218:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
   :mozilla.224:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.257:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.258:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Centrport : Cleaned with backup
   :mozilla.268:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.269:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.270:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.271:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup
   :mozilla.272:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
   :mozilla.278:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.279:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
   :mozilla.288:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
   :mozilla.289:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
   :mozilla.290:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
   :mozilla.291:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.292:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.293:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.294:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.295:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
   :mozilla.298:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
   :mozilla.299:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
   :mozilla.303:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.304:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
   :mozilla.309:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
   :mozilla.325:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
   :mozilla.326:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
   :mozilla.340:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adition : Cleaned with backup
   :mozilla.341:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adition : Cleaned with backup
   :mozilla.344:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.345:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.346:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Revenue : Cleaned with backup
   :mozilla.360:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.361:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.362:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.363:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.364:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
   :mozilla.378:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hotlog : Cleaned with backup
   :mozilla.387:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.388:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.389:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.390:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.391:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.392:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.393:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.394:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.416:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Findwhat : Cleaned with backup
   :mozilla.417:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.418:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.419:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.424:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.425:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
   :mozilla.456:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.457:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.459:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.460:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.461:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.462:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.463:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.464:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
   :mozilla.466:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.473:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.474:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.475:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.476:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.498:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.499:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.500:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.501:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.522:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
   :mozilla.523:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
   :mozilla.527:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.530:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.531:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
   :mozilla.538:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.539:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.540:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
   :mozilla.755:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
   :mozilla.763:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adocean : Cleaned with backup
   :mozilla.764:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adocean : Cleaned with backup
   :mozilla.784:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
   :mozilla.792:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
   :mozilla.796:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.815:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
   :mozilla.822:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adtech : Cleaned with backup
   :mozilla.823:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adtech : Cleaned with backup
   :mozilla.834:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
   :mozilla.837:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
   :mozilla.838:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
   :mozilla.839:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
   :mozilla.843:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.844:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.850:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.858:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.859:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.908:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.935:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Bfast : Cleaned with backup
   :mozilla.936:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Bfast : Cleaned with backup
   :mozilla.944:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Estat : Cleaned with backup
   :mozilla.965:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
   :mozilla.974:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.975:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Onestat : Cleaned with backup
   :mozilla.985:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies-1.txt -> Spyware.Cookie.Trafic : Cleaned with backup
   :mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
   :mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.44:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.45:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   :mozilla.62:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.64:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.65:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.66:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.67:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.68:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.77:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.83:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
   :mozilla.84:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
   :mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
   :mozilla.119:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.120:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.121:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.122:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.123:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.130:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.138:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.140:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.141:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
   :mozilla.142:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
   :mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.149:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.151:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.152:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
   :mozilla.170:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
   :mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.178:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.179:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.180:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.181:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.182:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.183:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.184:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.185:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\34d8kfhl.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
   :mozilla.186:C:\Documents and Settings\Administrator\Application Data\Mozilla\

guestolo · « **Reply #19 on:** January 17, 2006, 01:29:30 AM »

You didn't post the whole log from Ewido's

Please post the remainder
Use multiple replies if you have too
Post back anything below this point in the log

:mozilla.186:C:\Documents and Settings\Administrator\Application Data\Mozilla\

News:

Author Topic: What Do I Do Now..... (Read 5348 times)