Author Topic: Stuffed up PC !!! (Read 757 times)

thebigyin · « **on:** July 11, 2007, 06:21:22 PM »

Hi guys,
Iâ€™ve got a bit of a problem .... well not me but a friend has. She asked me to have a look at her PC as she couldnâ€™t connect to the internet to talk to her daughter who is in Australia and it s the only way she can keep in touch. So I had a look and was astonished to find that the pc had no antivirus software installed and she has had the PC for a least 2years! So I installed some AV software andâ€¦.. wellâ€¦.. it was full of adware, Trojans and spyware. So I deleted them all and then went about checking for more, but the software (AVG anti-spyware) did not find anything running although I only did a fast scan as I had already been there for 5 hours and I needed to get home

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/rolleyes.gif\' class=\'bbc_emoticon\' alt=\':rolleyes:\' /> . I know there is something still lurking in the background when you open IE7 it just sits using 99% cpu and does nothing else also task manager has no tabs but I think I know how to fix that. So I would like some of you experts to have a look at the HJT log and please point me in the right direction to help an old lady with her PC.

Many many thanks

brian

Here is the log.....

Logfile of HijackThis v1.99.1
Scan saved at 21:00:17, on 11/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Freeserve
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O1 - Hosts: 69.2.200.63 auto.search.msn.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MyEmoticons] C:\Program Files\MyEmoticons\MYEMOTICONS.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: stdialup.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm342
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int5.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...up1.0.0.8-2.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://jcs.chat.dcn.yahoo.com/v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...s/yinst0401.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1135686084843
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab28578.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {F229AB32-7BF9-4225-B78F-B4680AE6FC23} (Snapfish File Upload ActiveX Control) - http://www.snapfish.com/SnapfishUpload.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{35B33E0C-0A93-4CC8-85AC-97DBDFECFC2E}: NameServer = 195.92.195.94 195.92.195.95
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

guestolo · « **Reply #1 on:** July 11, 2007, 06:49:11 PM »

Hi thebigyin
Sorry, but I have to step out for a bit, probably a few hours, when I get back I'll make sure to look over your log

thebigyin · « **Reply #2 on:** July 11, 2007, 06:55:34 PM »

No probs guestolo ill be going to sleep soon as it is 1am here atm so I wont be about for the next few hours, but cheers for the reply and ill hear from you soon

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\'

\' />

Brian

guestolo · « **Reply #3 on:** July 11, 2007, 10:02:20 PM »

Do a "System scan only" with Hijackthis and put a check next to these entries:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O1 - Hosts: 69.2.200.63 auto.search.msn.com

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MyEmoticons] C:\Program Files\MyEmoticons\MYEMOTICONS.EXE
08 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm342

O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int5.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...up1.0.0.8-2.cab
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab

After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

If the user is not attached to MyEmoticons, I suggest that you uninstall it from add/remove programs if found
It typically comes bundled with Adware
Reboot the computer after doing any of the above

Back in Windows
Take the time and do the complete system scan with AVG
but please do these directions, since you just installed the program, I will assume you have the latest version
Avg-Antispyware

Start Avg-Antispyware
Click the Update tab at the top. Under Manual Update click Start update.
After the update finishes (the status bar at the bottom will display "Update successful")
Click on the Scanner tab at the top
Click the "Settings" tab and then change the recommended action under "How to Act" to Quarantine and ENSURE that "Do Not Automatically Generate Reports" IS selected

An AVG icon will be placed in your system tray next to your clock, can you right on it and uncheck
"Resident Shield" , "Automatic updates" and "Start with Windows"

Click back to the Scan tab at the top
Cick on Complete System Scan.
This scan can take a while to run, let it run uninterrupted
When the scan is complete it will list any infections found on the left hand side.
Click the Apply all actions button. AVG Anti-Spyware will display "All actions have been applied" on the right hand side.
Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file (like on the Desktop).

Reboot the computer
Back in Windows

Download this file - Combofix.exe and save it ONLY to your desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post all the following back here please
1. Post the log that opens in Combofix
2. Post a fresh hijackthis log
3. Post the report from AVG-Antispyware

P.S>

Quote

also task manager has no tabs

Double click on the outside grey border of the taskmanager

thebigyin · « **Reply #4 on:** July 12, 2007, 01:23:53 PM »

Hi guestolo thanks for the reply. First of all MyEmoticons does not appear in add/remove programs so is it ok to just delete the folder? Also I noticed that when in cmd and doing a net view command it returns with an error and when connected to the internet the PC is constantly sending informationâ€¦.. just thought I would let you know whatâ€™s going on.

Anyway here are the logs you asked for

combofix

"leanne coyle" - 2007-07-12 15:46:18 - ComboFix 07-07-12.3 - Service Pack 2

((((((((((((((((((((((((( Files Created from 2007-06-12 to 2007-07-12 )))))))))))))))))))))))))))))))

2007-07-12 15:45   51,200   --a------   C:\WINDOWS\nircmd.exe
2007-07-12 14:33   <DIR>   d--------   C:\WINDOWS\pss
2007-07-12 08:00   <DIR>   d--------   C:\DOCUME~1\test\APPLIC~1\Google
2007-07-11 21:06   <DIR>   d--------   C:\video
2007-07-11 20:52   <DIR>   d--------   C:\HijackThis
2007-07-11 20:01   10,872   --a------   C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-07-11 19:57   <DIR>   d--------   C:\clean up tools
2007-07-11 19:50   <DIR>   d--------   C:\DOCUME~1\test\APPLIC~1\MSN6
2007-07-11 19:44   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-07-11 19:09   <DIR>   d--------   C:\DOCUME~1\test\APPLIC~1\Real
2007-07-11 19:05   1,835,008   --ah-----   C:\DOCUME~1\test\NTUSER.DAT
2007-07-11 19:05   <DIR>   d--------   C:\DOCUME~1\test\APPLIC~1\InterTrust
2007-07-11 19:05   <DIR>   d--------   C:\DOCUME~1\test\APPLIC~1\CyberLink
2007-07-11 17:06   91,856   --a------   C:\WINDOWS\system32\S32EVNT1.DLL
2007-07-11 17:06   123,488   --a------   C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-07-11 17:03   <DIR>   d--------   C:\Program Files\Symantec
2007-07-11 17:02   <DIR>   d--------   C:\Program Files\Symantec AntiVirus
2007-07-11 17:02   <DIR>   d--------   C:\Program Files\Common Files\Symantec Shared
2007-07-11 17:02   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-12 06:49:11   --------   d-----w   C:\Program Files\Google
2007-07-11 18:40:17   --------   d-----w   C:\Program Files\BigFix
2007-07-11 17:13:48   --------   d-----w   C:\Program Files\iMesh
2007-07-11 17:01:56   --------   d-----w   C:\Program Files\MSN Messenger
2007-07-11 17:01:31   --------   d--h--w   C:\Program Files\InstallShield Installation Information
2007-07-11 17:01:31   --------   d-----w   C:\Program Files\Kazaa
2007-07-11 16:53:23   --------   d-----w   C:\Program Files\MyEmoticons
2007-07-08 10:10:46   --------   d-----w   C:\DOCUME~1\LEANNE~1\APPLIC~1\ZangoToolbar
2007-06-30 17:52:04   --------   d-----w   C:\DOCUME~1\LEANNE~1\APPLIC~1\SpamBlockerUtility
2007-05-16 15:12:02   683,520   ----a-w   C:\WINDOWS\system32\inetcomm.dll
2007-04-25 14:21:15   144,896   ----a-w   C:\WINDOWS\system32\schannel.dll
2007-04-18 16:12:23   2,854,400   ----a-w   C:\WINDOWS\system32\msi.dll
2007-04-16 21:47:36   33,624   ----a-w   C:\WINDOWS\system32\wups.dll
2007-04-16 21:45:54   1,710,936   ----a-w   C:\WINDOWS\system32\wuaueng.dll
2007-04-16 21:45:48   549,720   ----a-w   C:\WINDOWS\system32\wuapi.dll
2007-04-16 21:45:42   325,976   ----a-w   C:\WINDOWS\system32\wucltui.dll
2007-04-16 21:45:36   203,096   ----a-w   C:\WINDOWS\system32\wuweb.dll
2007-04-16 21:45:28   92,504   ----a-w   C:\WINDOWS\system32\cdm.dll
2007-04-16 21:45:20   53,080   ----a-w   C:\WINDOWS\system32\wuauclt.exe
2007-04-16 21:45:20   43,352   ----a-w   C:\WINDOWS\system32\wups2.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
2004-03-16 12:26   275026   --a------   C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2001-04-16 17:39   37808   --a------   C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
2004-08-13 17:42   155648   --a------   C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-01-19 23:55   2403392   -ra------   c:\program files\google\googletoolbar2.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
2006-01-17 17:04   282624   --a------   C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\en-us\msntb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="zHotkey.exe" [2003-06-03 12:01 C:\WINDOWS\zHotkey.exe]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-12-18 00:20]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-07-09 19:14]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 16:24]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 16:14]
"lxccmon.exe"="C:\Program Files\Lexmark 3300 Series\lxccmon.exe" [2005-07-21 01:16]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-06-02 09:21]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2005-06-23 19:27]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"STManager"="C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" [2003-10-16 13:25]
"Microsoft Works Update Detection"="c:\Program Files\Microsoft Works\WkDetect.exe" [2000-07-13 21:00]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\ypager.exe" []
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 15:44]
"RealPlayer"="C:\Program Files\Real\RealPlayer\realplay.exe" [2006-11-02 10:57]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:56]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-07-11 19:44]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 13:29]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-12 15:50:52
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-12 15:53:18

   --- E O F ---

AVG anti-spyware

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:   15:40:36 12/07/2007

+ Scan result:

C:\Documents and Settings\leanne coyle\Local Settings\Temp\__unin__.exe -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Local Settings\Temp\asmfiles.cab/asm.exe -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Local Settings\Temp\asmfiles.cab/asmps.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\alz.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\arc.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\arj.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\arj.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\bdcore.dll.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\bzip2.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_dll.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_dll.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_emu.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_vfs.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_vfs.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.rvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\docfile.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\epoc.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ha.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\hlp.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\html.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\html.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\iso.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\iso.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\java.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\java.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\jpeg.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\jpeg.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\na.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\na.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\na.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nelf.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nelf.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nelf.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nsis.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rar.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rar.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rup.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rup.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rup.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sfx.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sfx.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\tar.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\tar.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\tnef.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\update.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\update.txt.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ve.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ve.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ve.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\z.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\zip.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\zip.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Local Settings\Temp\cd_clint.dll -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-3479639582-1597279403-768105007-1005\Software\Kazaa\Promotions\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-3479639582-1597279403-768105007-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-3479639582-1597279403-768105007-1005\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4 -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-3479639582-1597279403-768105007-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} -> Adware.Generic : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\report\aggr_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\report\send_storage.xml -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\res1 -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\shprrprt_1164377690.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\shprrprt_1164377751.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Application Data\ShopperReports\shprrprt_1164377766.log -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Local Settings\Temp\ShprRprt.exe -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Local Settings\Temp\p2psetup.exe -> Adware.P2PNet : Cleaned with backup (quarantined).
C:\Program Files\PerfectNav -> Adware.PerfectNav : Cleaned with backup (quarantined).
C:\Program Files\PerfectNav\BHO -> Adware.PerfectNav : Cleaned with backup (quarantined).
HKU\S-1-5-21-3479639582-1597279403-768105007-1005\Software\zango -> Adware.Zango : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Local Settings\Temp\remove.exe -> Downloader.Keenval.f : Cleaned with backup (quarantined).
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.217.73.66.16 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\test\Cookies\test@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\test\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@7search[2].txt -> TrackingCookie.7search : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][2].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\test\Cookies\test@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Adtrak : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@adviva[2].txt -> TrackingCookie.Adviva : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@adviva[1].txt -> TrackingCookie.Adviva : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\leanne coyle\Local Settings\Temp\Cookies\leanne coyle@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\test\Cookies\test@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Belstat : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@com[2].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@connextra[1].txt -> TrackingCookie.Connextra : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@connextra[2].txt -> TrackingCookie.Connextra : Cleaned.
C:\Documents and Settings\test\Cookies\test@connextra[1].txt -> TrackingCookie.Connextra : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@dealtime[1].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\leanne coyle\Local Settings\Temp\Cookies\leanne coyle@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\test\Cookies\test@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\leanne coyle\Local Settings\Temp\Cookies\leanne coyle@euniverseads[1].txt -> TrackingCookie.Euniverseads : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@findwhat[2].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Fortunecity : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.G3x : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Gator : Cleaned.
C:\Documents and Settings\leanne coyle\Local Settings\Temp\Cookies\leanne [email protected][1].txt -> TrackingCookie.Gator : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Hitslink : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Intelli-tracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][3].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\test\Cookies\[email protected][2].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\leanne coyle\Local Settings\Temp\Cookies\leanne coyle@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\test\Cookies\test@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@paycounter[1].txt -> TrackingCookie.Paycounter : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\test\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@pro-market[1].txt -> TrackingCookie.Pro-market : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\test\Cookies\test@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@real[1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\leanne coyle\Local Settings\Temp\Cookies\leanne coyle@real[1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Realcastmedia : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@sexlist[2].txt -> TrackingCookie.Sexlist : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@spylog[1].txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\test\Cookies\test@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@trafic[1].txt -> TrackingCookie.Trafic : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne_coyle@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][1].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\leanne coyle\Local Settings\Temp\Cookies\leanne [email protected][2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][3].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Wegcash : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Wegcash : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@xxxcounter[2].txt -> TrackingCookie.Xxxcounter : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne [email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\leanne coyle\Cookies\leanne coyle@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\test\Cookies\test@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.

::Report end

HJT

Logfile of HijackThis v1.99.1
Scan saved at 15:42:02, on 12/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Freeserve
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;<local>
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: stdialup.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://jcs.chat.dcn.yahoo.com/v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...s/yinst0401.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1135686084843
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab28578.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {F229AB32-7BF9-4225-B78F-B4680AE6FC23} (Snapfish File Upload ActiveX Control) - http://www.snapfish.com/SnapfishUpload.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{35B33E0C-0A93-4CC8-85AC-97DBDFECFC2E}: NameServer = 195.92.195.95 195.92.195.94
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\

guestolo · « **Reply #5 on:** July 12, 2007, 07:29:23 PM »

I just want to check and see what other entries may be in add/remove
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

thebigyin · « **Reply #6 on:** July 18, 2007, 10:28:18 AM »

sorry for the delay but I only got access to the PC today as the user was away on holiday but here is the uninstall list

Adobe Acrobat 5.0
AOL UK
ArcSoft PhotoImpression 4
AVG Anti-Spyware 7.5
Britannica Ready Reference
Conexant SoftK56 Modem(M)
Digimax Reader
Digimax Viewer 2.1
Dr SpeedTouch
Football Manager 2006
Full Marks Junior Topics
Full Marks Key Stage 3 English
Full Marks Key Stage 3 Science
Full Marks Mental Maths
Full Marks Shape and Colour
Full Marks Time
Google Earth
Google Toolbar for Internet Explorer
Gutterball
HijackThis 1.99.1
Hotfix for Windows XP (KB915865)
Intel® Extreme Graphics Driver
Intel® PRO Network Adapters and Drivers
Intel® PROSet
iPod for Windows 2005-03-23
iTunes
Java 2 Runtime Environment Standard Edition v1.3.1_03
Lexmark 3300 Series
LiveUpdate 2.6 (Symantec Corporation)
LiveUpdate BVRP Software
Logitech QuickCam Software
LogitechÂ® Camera Driver
Macromedia Flash Player 8
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money
Microsoft Money System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Works 6.0
MSN Messenger 7.5
MSN Toolbar
Multimedia Keyboard Driver
PowerDVD
QuickTime
RealPlayer
Realtek AC'97 Audio
Roxio PhotoSuite 5
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
SpeedTouch USB Software
Symantec AntiVirus
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB936357)
Viewpoint Media Player
Wanadoo Search Toolbar
Windows Backup Utility
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Related
Windows XP Service Pack 2
Yahoo! Address AutoComplete
Yahoo! Companion
Yahoo! extras
Yahoo! Internet Mail

guestolo · « **Reply #7 on:** July 18, 2007, 09:07:28 PM »

[color=\"blue\"]Your Java Runtime Environment is out of date.[/color] Older versions have vulnerabilities that malware can use to infect your system.

Download the latest version of Java Runtime Environment (JRE) 6u2.
Scroll down to where it says "Java Runtime Environment (JRE) 6u2, The Java SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement[/i]".
The page will refresh.
Click on the link to download Windows Offline Installation, Multi-language and save it to your desktop (13.90 MB).

DON'T install it yet

Access your Add/remove programs
I suggest that you uninstall
Viewpoint Media Player
It typically gets installed unintentionally when installing such things as AOL software

Also, remain in add/remove programs and remove
Java 2 Runtime Environment Standard Edition v1.3.1_03

Reboot the computer

Back in Windows, install the latest Java from the installer on desktop
You can delete the installer once successfully installed

==Download [color=\"#FF0000\"]ATF-Cleaner[/color] by Atribune.
Save it to your desktop
==Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

Download [color=\"blue\"]OTMoveIt[/color] by OldTimer:

Save it to your desktop.
Please double-click OTMoveIt.exe to run it.
Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose "Copy"):
================================================

C:\Program Files\iMesh
C:\Program Files\Kazaa
C:\Program Files\MyEmoticons
C:\DOCUME~1\LEANNE~1\APPLIC~1\ZangoToolbar
C:\DOCUME~1\LEANNE~1\APPLIC~1\SpamBlockerUtility

======================================================
Return to OTMoveIt, right-click on the "Paste List of Files/Folders to be Moved" window and choose "Paste".
Click the red "[color=\"red\"]MoveIt![/color]" button.
Close OTMoveIt.

[color=\"red\"]Note[/color]: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose "Yes".

OTMoveIt will create a log here
C:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Can I see one more fresh hijackthis log
Also the log from OTMoveIt please

If you still have problems with IE
Can you also close IE and click START>>All Programs>>Accessories>>System Tools>>Internet Explorer(No Addons)
Does it run better without any addons?

thebigyin · « **Reply #8 on:** August 10, 2007, 06:20:50 AM »

soz for the delay but ive been on holiday for a few weeks

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

anyway IE works just fine with no addons but what i did notice is that when connected to the internet the PC is constantly sending traffic upstream

here are the logs you aske for

C:\Program Files\iMesh moved successfully.
C:\Program Files\Kazaa\My Shared Folder moved successfully.
C:\Program Files\Kazaa\Db moved successfully.
C:\Program Files\Kazaa\BGP2P\plugins moved successfully.
C:\Program Files\Kazaa\BGP2P moved successfully.
C:\Program Files\Kazaa moved successfully.
C:\Program Files\MyEmoticons\DATA moved successfully.
C:\Program Files\MyEmoticons moved successfully.
C:\DOCUME~1\LEANNE~1\APPLIC~1\ZangoToolbar\IESkins moved successfully.
C:\DOCUME~1\LEANNE~1\APPLIC~1\ZangoToolbar moved successfully.
C:\DOCUME~1\LEANNE~1\APPLIC~1\SpamBlockerUtility\IESkins moved successfully.
C:\DOCUME~1\LEANNE~1\APPLIC~1\SpamBlockerUtility\eskin moved successfully.
C:\DOCUME~1\LEANNE~1\APPLIC~1\SpamBlockerUtility moved successfully.

Created on 08/9/2007 17:03:26

Logfile of HijackThis v1.99.1
Scan saved at 17:04:41, on 09/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: stdialup.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://jcs.chat.dcn.yahoo.com/v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...s/yinst0401.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1135686084843
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab28578.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {F229AB32-7BF9-4225-B78F-B4680AE6FC23} (Snapfish File Upload ActiveX Control) - http://www.snapfish.com/SnapfishUpload.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{35B33E0C-0A93-4CC8-85AC-97DBDFECFC2E}: NameServer = 195.92.195.95 195.92.195.94
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

kon · « **Reply #9 on:** August 11, 2007, 07:03:29 PM »

wow, i have a mac, so ya i dont ahve to deal with all that [censored].

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' /> have fun fixing that thing. I remember having trouble with my old comp, it was a compaq.

thebigyin · « **Reply #10 on:** August 21, 2007, 03:45:12 AM »

any update questolo or should i just got for a format/reinstall

guestolo · « **Reply #11 on:** August 25, 2007, 09:15:30 AM »

Sorry for the delay
Can you have her do a clean boot and see if problems persist
Could be a legit entry causing problems
Do Steps 1,2, and 3
See if you can track down anything

http://support.microsoft.com/kb/310353

TheTechGuide Forum

News:

Author Topic: Stuffed up PC !!! (Read 757 times)

thebigyin

Stuffed up PC !!!

guestolo

Stuffed up PC !!!

thebigyin

Stuffed up PC !!!

guestolo

Stuffed up PC !!!

thebigyin

Stuffed up PC !!!

guestolo

Stuffed up PC !!!

thebigyin

Stuffed up PC !!!

guestolo

Stuffed up PC !!!

thebigyin

Stuffed up PC !!!

kon

Stuffed up PC !!!

thebigyin

Stuffed up PC !!!

guestolo

Stuffed up PC !!!