New hijackthis report after Vundofix

  1. #1
    kevlar313 is offline Newbie

    my hijack this log

    Logfile of HijackThis v1.99.1
    Scan saved at 10:50:03 PM, on 1/4/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Promise Technology, Inc\Promise Array Management\MsgSvr.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
    C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: (no name) - {09DB1F48-E50A-4A6E-ACD1-3435CAD4EEBC} - (no file)
    O2 - BHO: (no name) - {2A5E7BCB-0DCF-3273-5371-02918E01FBA0} - C:\WINDOWS\system32\bwqbfam.dll
    O2 - BHO: (no name) - {39f25b12-74ff-4079-a51f-1d70f5b08b84} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {6D0E8A51-31CD-4f91-A38F-6A5639E766FB} - (no file)
    O2 - BHO: (no name) - {72441DC1-155B-8C4F-D672-072A7758430B} - C:\WINDOWS\system32\ozyvjan.dll
    O2 - BHO: (no name) - {754515CD-5059-4133-B6D5-3757DD84D6C0} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {C769E8AA-6E76-4F2B-B004-FA3DCBF3DF48} - (no file)
    O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O4 - HKLM\..\Run: [Ptipbmf] "rundll32.exe" ptipbmf.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [BJCFD] "C:\Program Files\BroadJump\Client Foundation\CFD.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [bwqbfam.dll] "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\bwqbfam.dll,zvtcukc
    O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
    O4 - HKLM\..\Run: [YOP] "C:\PROGRA~1\Yahoo!\YOP\yop.exe" /autostart
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://i.a.cnn.net/cnn/resources/cult3d/cult.cab
    O16 - DPF: {3E13AA37-352F-4E5F-91C4-08A0BA0C9541} (InSPECS2_0 Control) - http://161.58.155.13/cab_files/InSPECS2_0.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/18abfb1f...p/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1096605223795
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1126533049935
    O16 - DPF: {7565A160-5C60-4866-A120-F4D5B2BA3AAE} (FSLoaderCtrl Class) - http://www.clickedyclick.com/Downloa...sloader_v3.cab
    O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemp...veSecurity.cab
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
    O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_03) -
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://luckynugget.microgaming.com/...et/FlashAX.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?322
    O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/msc.cab
    O18 - Filter: text/html - (no CLSID) - (no file)
    O20 - Winlogon Notify: ljhif - C:\WINDOWS\system32\ljhif.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: winhoq32 - winhoq32.dll (file missing)
    O20 - Winlogon Notify: winmiu32 - winmiu32.dll (file missing)
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Promise Array Message Server (RAIDmSvr) - Unknown owner - C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgSvr.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
    Last edited by Neal; 07-01-2007 at 11:05 PM.


  2. #2
    Neal is offline Dedicated Member
    Welcome,


    1. Open Spysweeper and click on Options > Program Options and uncheck "load at windows startup".
    2. On the left click "shields" and then uncheck everything there.
    3. Uncheck "home page shield".
    4. Uncheck "automatically restore default without notification".
    5. Exit the program.




    INSTRUCTIONS FOR USING AVG ANTI-SPYWARE in "NORMAL MODE"

    Download and scan with AVG Anti-Spyware
    1. After download, double click on the file to launch the install process.
    2. Choose a language, click "OK" and then click "Next".
    3. Read the "License Agreement" and click "I Agree".
    4. Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".
    5. After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray.
    6. The main "Status" menu will appear. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'.
    7. Then right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".
    8. Go to Start > Run and type: services.msc

    * Press "OK".
    * Click the "Extended" tab and scroll down the list to find AVG Anti-Spyware guard.
    * When you find the guard service, double-click on it.
    * In the Properties Window > General Tab that opens, click the "Stop" button.
    * From the drop-down menu next to "Startup Type", click on "Manual".
    * Now click "Apply", then "OK" and close the Services window.

    9. Select the "Update" button and click "Start update". Wait until you see the "Update successful" message. If you are having problems with the updater, manually update with the AVG Anti-Spyware Full database installer from HERE.

    Once the updates are installed do the following:
    1. Click on the "Scanner" button and choose the "Settings" tab.

    * Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
    * Under "How to Scan?" check all (default).
    * Under "Possibly unwanted software" check all (default).
    * Under "What to Scan?" make sure "Scan every file" is selected (default).
    * Under "Reports" select "Automatically generate report after every scan" and UNcheck "Only if threats were found".

    2. Click the "Scan" tab to return to scanning options.
    3. Click "Complete System Scan" to start.
    4. When the scan has finished you will be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine.

    IMPORTANT! Do not save the report before you have clicked the "Apply all actions" button. If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button.

    5. Click on "Save Report" to view all completed scans. Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt. Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\
    6. Exit AVG Anti-Spyware when done and submit the log report in your next response.

    Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. If Explorer or other programs are open during the scan that means certain files will also be in use. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used. This can hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.

    Please post a new hijackthis log also. Thanks.

  3. #3
    kevlar313 is offline Newbie
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 10:33:22 AM 1/7/2007

    + Scan result:



    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1190\A0159315.exe -> Adware.BugDoctor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1190\A0159316.exe -> Adware.BugDoctor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156712.dll -> Adware.CommAd : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156713.exe -> Adware.CommAd : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157277.exe -> Adware.CommAd : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157278.dll -> Adware.CommAd : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156699.dll -> Adware.Couponage : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156700.dll -> Adware.Couponage : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157273.exe -> Adware.DollarRevenu : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157525.exe -> Adware.DollarRevenu : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1200\A0163512.exe -> Adware.DollarRevenu : Cleaned with backup (quarantined).
    C:\mpnaaq7.exe -> Adware.DollarRevenu : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157289.exe -> Adware.DollarRevenue : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157523.exe -> Adware.DollarRevenue : Cleaned with backup (quarantined).
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39F25B12-74FF-4079-A51F-1D70F5B08B84} -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39F25B12-74FF-4079-A51F-1D70F5B08B84} -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-21-57989841-492894223-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-21-57989841-492894223-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39F25B12-74FF-4079-A51F-1D70F5B08B84} -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-21-57989841-492894223-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned with backup (quarantined).
    C:\warebundlenewer.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1194\A0159594.exe -> Adware.Maxifiles : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1200\A0163554.exe -> Adware.Maxifiles : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157266.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\yz02.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1211\A0165206.DLL -> Adware.P2PNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1211\A0165207.cpl -> Adware.P2PNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1211\A0165208.exe -> Adware.P2PNet : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1208\A0164532.dll -> Adware.RXToolbar : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1209\A0164563.dll -> Adware.RXToolbar : Cleaned with backup (quarantined).
    HKU\S-1-5-21-57989841-492894223-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1165\A0156607.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156691.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156711.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157281.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157283.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157511.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157566.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1204\A0164483.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157268.exe -> Adware.Suggestor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157269.dll -> Adware.Suggestor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157272.exe -> Adware.Suggestor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1179\A0158377.dll -> Adware.Suggestor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1179\A0158378.exe -> Adware.Suggestor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1180\A0158620.exe -> Adware.Suggestor : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1180\A0158610.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1180\A0158611.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1180\A0158612.exe -> Adware.SurfSide : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1180\A0158614.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1200\A0163510.exe -> Adware.VirusBurst.c : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156704.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1170\A0156904.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1171\A0156976.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1171\A0157011.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1173\A0157120.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1173\A0157163.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157245.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157490.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157531.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157532.exe -> Adware.ZenoSearch : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1195\A0159823.exe -> Downloader.Adload.fu : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1195\A0159824.exe -> Downloader.Adload.fu : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1165\A0156610.exe -> Downloader.Adload.hr : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1173\A0157214.exe -> Downloader.Adload.hr : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157518.exe -> Downloader.Adload.hr : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157291.exe -> Downloader.Adload.ic : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157520.exe -> Downloader.Adload.ic : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157282.exe -> Downloader.Adload.id : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157284.exe -> Downloader.Adload.if : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157510.exe -> Downloader.Adload.if : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157267.exe -> Downloader.Adload.ncx : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157528.exe -> Downloader.Adload.ncx : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156714.dll -> Downloader.Agent.br : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157290.exe -> Downloader.Agent.dz : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157530.exe -> Downloader.Agent.dz : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157533.exe -> Downloader.Agent.dz : Cleaned with backup (quarantined).
    C:\RDFX4.exe -> Downloader.Small.ctp : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157270.exe -> Downloader.Small.ctp : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1194\A0159595.dll -> Downloader.Small.ece : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157521.exe -> Downloader.Zlob : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157522.exe -> Downloader.Zlob : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1200\A0163518.dll -> Downloader.Zlob.akg : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1236\A0166662.exe -> Downloader.Zlob.awm : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1236\A0166663.exe -> Downloader.Zlob.ei : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1194\A0159593.exe -> Dropper.DollarR.b : Cleaned with backup (quarantined).
    C:\WINDOWS\browser.exe -> Hijacker.Small : Cleaned with backup (quarantined).
    C:\Program Files\HijackThis\backups\backup-20070105-064350-406.dll -> Not-A-Virus.VirTool.Win32.Collector : Cleaned with backup (quarantined).
    :mozilla.116:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.119:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.120:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.121:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.122:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.123:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.124:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.125:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.126:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.127:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.128:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.129:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.222:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.389:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.491:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@usatoday1.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.106:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
    :mozilla.102:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.103:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.104:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.105:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.17:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1C3.tmp -> TrackingCookie.Bridgetrack : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.62:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@com[1].txt -> TrackingCookie.Com : Cleaned.
    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1CA.tmp -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
    :mozilla.19:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1CB.tmp -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.303:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.304:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.305:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.306:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.307:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.308:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.309:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.310:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.311:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.312:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.313:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.314:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.315:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.316:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.317:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.318:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.319:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.320:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.321:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.322:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.323:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.324:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.325:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.326:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.327:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.328:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.329:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.330:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.331:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.332:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.333:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.334:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.335:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.336:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wak4emdjwbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wakysjdjwcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6waliojdpceo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wfkoald5gcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wfkowicjelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wfl4egczcfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wfliehazoao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wflogjdpmep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wgkiogazkbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wgkyqlczidq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wgl4sodpadq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wglikoazcap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wglioldzicq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wgmiajdpgeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6whl4kjdpogp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6whl4wnazkeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjk4alczgeq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjkoogdzecp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjkosjajsgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjkoslcpcko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjkospajicq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjkyahczskq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjkyegazgeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjkyslcjacp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjl4qodzmbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjliehdjobp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjloamdzefq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjloogc5alo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjmisjd5egp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjmiwjajcbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjny-1jczcc.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjny-1odjwa.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnyajcjadp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnyakdpkco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnycgcpehp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnycidjkgq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnycoc5kfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnycoczoco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnyepcziao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnyooajmho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnysid5egp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@e-2dj6wjnywkajaco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.108:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.109:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.110:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\LocalService\Cookies\system@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\LocalService\Cookies\system@media.fastcli ck[1].txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.980:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.640:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.956:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.957:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.958:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.18:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.130:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.131:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.132:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@overture[2].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.177:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.178:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.179:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.180:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.583:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Pro-market : Cleaned.
    :mozilla.584:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Pro-market : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@pro-market[1].txt -> TrackingCookie.Pro-market : Cleaned.
    :mozilla.87:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.88:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.628:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Revenue : Cleaned.
    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1CC.tmp -> TrackingCookie.Roispy : Cleaned.
    :mozilla.6:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Ru4 : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.672:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.673:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.674:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.675:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.676:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.90:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.91:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.92:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.93:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.94:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.73:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.82:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.83:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.86:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.89:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned.
    :mozilla.100:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.101:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.17:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.18:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.19:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.20:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.21:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.22:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.23:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.24:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.25:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.26:C:\Documents and Settings\Kevin\Application Data\Mozilla\Profiles\default\jvifapw4.slt\cookies .txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.95:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.96:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.97:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.98:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.99:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.164:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Trafic : Cleaned.
    :mozilla.14:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.15:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.16:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Documents and Settings\Kevin\Cookies\kevin@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1CD.tmp -> TrackingCookie.Valueclick : Cleaned.
    :mozilla.36:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.37:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.38:C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\xh2vpe04.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156683.vbs -> Trojan.Small : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157275.vbs -> Trojan.Small : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1174\A0157516.vbs -> Trojan.Small : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1166\A0156696.exe -> Trojan.VB.tg : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{A38B1868-DFC6-4FDD-9917-4E9477071E45}\RP1170\A0156911.exe -> Trojan.YourEnhancement : Cleaned with backup (quarantined).


    ::Report end

  4. #4
    kevlar313 is offline Newbie
    Logfile of HijackThis v1.99.1
    Scan saved at 10:42:59 AM, on 1/7/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Promise Technology, Inc\Promise Array Management\MsgSvr.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
    C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Adobe\Acrobat 5.0\Acrobat\Acrobat.exe
    C:\Program Files\Common Files\Adobe\Web\AOM.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: (no name) - {2A5E7BCB-0DCF-3273-5371-02918E01FBA0} - C:\WINDOWS\system32\bwqbfam.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {72441DC1-155B-8C4F-D672-072A7758430B} - C:\WINDOWS\system32\ozyvjan.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
    O4 - HKLM\..\Run: [YOP] "C:\PROGRA~1\Yahoo!\YOP\yop.exe" /autostart
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
    O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/18abfb1f...p/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1096605223795
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1126533049935
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
    O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_03) -
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?322
    O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/msc.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Promise Array Message Server (RAIDmSvr) - Unknown owner - C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgSvr.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

  5. #5
    Neal is offline Dedicated Member
    Go here to learn how to show hidden files/folders:

    http://www.xtra.co.nz/help/0,,4155-1916458,00.html#5

    Re-hide after we are done



    Go to next site:
    http://www.virustotal.com/en/indexf.html
    On top you'll find 'Browse'
    Click the browse button and browse to next file:


    C:\WINDOWS\system32\bwqbfam.dll



    Click open.
    Then click the 'Send' button next to it.
    This will scan the file. Please be patient.
    Once scanned, copy and paste the results as well in your next reply.


    If that one is too busy, here is another option:


    http://virusscan.jotti.org

    And

    http://www.kaspersky.com/scanforvirus.html



    Scan this one also:

    C:\WINDOWS\system32\ozyvjan.dll

  6. #6
    kevlar313 is offline Newbie
    AntiVir 7.3.0.21 01.08.2007 TR/Vundo.Gen
    Authentium 4.93.8 12.30.2006 Possibly a new variant of W32/Bongler-based
    Avast 4.7.892.0 12.30.2006 no virus found
    AVG 386 01.07.2007 no virus found
    BitDefender 7.2 01.08.2007 Trojan.Busky.1.Gen
    CAT-QuickHeal 9.00 01.08.2007 no virus found
    ClamAV devel-20060426 01.08.2007 no virus found
    DrWeb 4.33 01.08.2007 no virus found
    eSafe 7.0.14.0 01.08.2007 Win32.Polipos.sus
    eTrust-InoculateIT 23.73.107 01.06.2007 no virus found
    eTrust-Vet 30.3.3311 01.08.2007 no virus found
    Ewido 4.0 01.08.2007 no virus found
    Fortinet 2.82.0.0 01.08.2007 suspicious
    F-Prot 3.16f 01.05.2007 Possibly a new variant of W32/Bongler-based
    F-Prot4 4.2.1.29 01.05.2007 W32/Bongler-based
    Ikarus T3.1.0.27 01.08.2007 no virus found
    Kaspersky 4.0.2.24 01.08.2007 Trojan-Downloader.Win32.Busky.gen
    McAfee 4933 01.05.2007 no virus found
    Microsoft 1.1904 01.07.2007 Trojan:Win32/Busky.gen!dll
    NOD32v2 1962 01.08.2007 a variant of Win32/TrojanDownloader.Busky.AZ
    Norman 5.80.02 12.31.2007 no virus found
    Panda 9.0.0.4 01.07.2007 no virus found
    Prevx1 V2 01.08.2007 no virus found
    Sophos 4.13.0 01.05.2007 Troj/Busky-Gen
    Sunbelt 2.2.907.0 01.05.2007 VIPRE.Suspicious
    TheHacker 6.0.3.146 01.08.2007 no virus found
    UNA 1.83 01.06.2007 no virus found
    VBA32 3.11.1 01.08.2007 no virus found
    VirusBuster 4.3.19:9 01.08.2007 no virus found

    Aditional Information
    File size: 94720 bytes
    MD5: 2b8447fd57fa9f8ffb1666ea12a49b9a
    SHA1: 1f621aed8f3660c75f32195307da9b3367a3ff2e
    packers: embedded
    Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
    VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

  7. #7
    Neal is offline Dedicated Member
    Thanks,


    Please download VundoFix.exe to your desktop.
    • Double-click VundoFix.exe to run it.
    • Click the Scan for Vundo button.
    • Once it's done scanning, click the Remove Vundo button.
    • You will receive a prompt asking if you want to remove the files; click YES.
    • Once you click yes, your desktop will go blank as it starts removing Vundo.
    • When completed, it will prompt that it will reboot your computer, click OK.
    • Please post the contents of C:\vundofix.txt and a new HiJackThis log.

    Note: It is possible that VundoFix encountered a file it could not remove.
    In this case, VundoFix will run on reboot; simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

  8. #8
    kevlar313 is offline Newbie
    STATUS: FINISHED
    Complete scanning result of "ozyvjan.dll", received in VirusTotal at 01.08.2007, 17:22:23 (CET).

    Antivirus Version Update Result
    AntiVir 7.3.0.21 01.08.2007 TR/Vundo.Gen
    Authentium 4.93.8 12.30.2006 Possibly a new variant of W32/Bongler-based
    Avast 4.7.892.0 12.30.2006 no virus found
    AVG 386 01.08.2007 no virus found
    BitDefender 7.2 01.08.2007 Trojan.Busky.2.Gen
    CAT-QuickHeal 9.00 01.08.2007 no virus found
    ClamAV devel-20060426 01.08.2007 no virus found
    DrWeb 4.33 01.08.2007 Trojan.DownLoader.based
    eSafe 7.0.14.0 01.08.2007 Win32.Polipos.sus
    eTrust-InoculateIT 23.73.107 01.06.2007 no virus found
    eTrust-Vet 30.3.3311 01.08.2007 no virus found
    Ewido 4.0 01.08.2007 no virus found
    Fortinet 2.82.0.0 01.08.2007 suspicious
    F-Prot 3.16f 01.05.2007 Possibly a new variant of W32/Bongler-based
    F-Prot4 4.2.1.29 01.05.2007 W32/Bongler-based
    Ikarus T3.1.0.27 01.08.2007 no virus found
    Kaspersky 4.0.2.24 01.08.2007 Trojan-Downloader.Win32.Busky.gen
    McAfee 4934 01.08.2007 no virus found
    Microsoft 1.1904 01.07.2007 Trojan:Win32/Busky.gen!dll
    NOD32v2 1963 01.08.2007 a variant of Win32/TrojanDownloader.Busky.AZ
    Norman 5.80.02 12.31.2007 no virus found
    Panda 9.0.0.4 01.07.2007 no virus found
    Prevx1 V2 01.08.2007 no virus found
    Sophos 4.13.0 01.05.2007 no virus found
    Sunbelt 2.2.907.0 01.05.2007 VIPRE.Suspicious
    TheHacker 6.0.3.146 01.08.2007 no virus found
    UNA 1.83 01.06.2007 no virus found
    VBA32 3.11.1 01.08.2007 no virus found
    VirusBuster 4.3.19:9 01.08.2007 no virus found

    Aditional Information
    File size: 72704 bytes
    MD5: c97de5d46d995d100b15eeb61a33c56a
    SHA1: 4865167a46887a8c6645f17661d6bba16ceb9498
    packers: embedded
    Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

  9. #9
    kevlar313 is offline Newbie
    Logfile of HijackThis v1.99.1
    Scan saved at 4:31:17 PM, on 1/8/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Promise Technology, Inc\Promise Array Management\MsgSvr.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
    C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
    O4 - HKLM\..\Run: [YOP] "C:\PROGRA~1\Yahoo!\YOP\yop.exe" /autostart
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/18abfb1f...p/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1096605223795
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1126533049935
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
    O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_03) -
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?322
    O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/msc.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Promise Array Message Server (RAIDmSvr) - Unknown owner - C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgSvr.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

  10. #10
    Neal is offline Dedicated Member
    How's it behaving now?
    Last edited by Neal; 09-01-2007 at 05:06 AM.
