my log, problems(RESOLVED)

**switch245** · 15-07-2007

okay so my buddy went on his computer, and he started IMing me about zango popups and another pop up near the toolbar from an unnamed spyware detector he didnt install. I told him to install AVG antispyware and hijackthis. He used add/remove programs and got rid of zango, but the pop up is still there. Now, he got a new one saying: Critical System warning Your system is likely to be infected with latest version of Spyware.CyberLog-X Click OK to download antispyware software. Should i post what he got on the avg scan? (not including cookies) EDIT: The scan hasnt finished, and he says it is taking a very very long time, while mine finishes in about 5 minutes. EDIT: okay this is strange, he cant choose to quarantine or delete any items on AVG.

EDIT: These items were found in AVG scan, heres everything that wasnt a cookie
not-a-virus-exploit.java.gimsh.a
downloader.openconnection.w
trojan.bho.bd
wormluder.e
downloader.zlob.bww
rookit.agent
adware.generic
adware.zango
adware.agent
adware.qworke
adware.viewpoint
__________________________________________________ __________
Here is the hijackthis llog:

sLogfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2 PM, on 7/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Video ActiveX Access\imsmain.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1132381646\ee\AOLSoftware.exe
C:\Program Files\Video ActiveX Access\imsmn.exe
C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\VirusProtectPro 3.4\VirusProtectPro 3.4.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.e xe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Program Files\AIM\aim.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\click to dvd 2\ctdatsvr.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Registry Defender\RegistryDefender.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\Documents and Settings\Ryan Ng\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.comcast.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\d.bin\MWSBAR.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Pro

I really do hope you can help, hes freaking out

**Neal** · 16-07-2007

Welcome,

You did not post the entire hijackthis log please re-san and post a again.

Also in the meantime:

Please download http://siri.urz.free.fr/Fix/SmitfraudFix.zip (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Please do not run any other option until asked to do so, Thanks

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm

Please post the smitfraudfix log. Thanks.

And...

1. Download this file - COMBOFIX
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Post a new hijackthis log also please.

**switch245** · 17-07-2007

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2

24 PM, on 7/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Video ActiveX Access\imsmain.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1132381646\ee\AOLSoftware.exe
C:\Program Files\Video ActiveX Access\imsmn.exe
C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\VirusProtectPro 3.4\VirusProtectPro 3.4.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.e xe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Program Files\AIM\aim.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\click to dvd 2\ctdatsvr.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Registry Defender\RegistryDefender.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\Documents and Settings\Ryan Ng\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.comcast.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\d.bin\MWSBAR.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\DOCUME~1\RYANNG~1\LOCALS~1\Temp\juan.dll (file missing)
O2 - BHO: (no name) - {E26CEADA-67B0-4543-BE8B-307F00265118} - C:\Program Files\Video ActiveX Access\iesplg.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\d.bin\MWSBAR.DLL
O3 - Toolbar: Protection Bar - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - C:\Program Files\Video ActiveX Access\iesbpl.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132381646\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.1\masqform.exe /RegServer -UpdateCurrentUser
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~2\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [SecurityUpdate] rundll32.exe C:\WINDOWS\system32\vlmigin.dll,TurnOn2
O4 - HKLM\..\Run: [VirusProtectPro 3.4] "C:\Program Files\VirusProtectPro 3.4\VirusProtectPro 3.4.exe" /h
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.e xe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
O4 - HKLM\..\Policies\Explorer\Run: [rare] C:\Program Files\Video ActiveX Access\imsmain.exe
O4 - Startup: Click to DVD Automatic Mode Launcher.lnk = C:\Program Files\Sony\click to dvd 2\ctdatsvr.exe
O4 - Startup: RegistryDefender.lnk = C:\Program Files\Registry Defender\RegistryDefender.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ryan Ng\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O15 - Trusted Zone: http://*.nwmls.com
O15 - Trusted Zone: http://*.rapmls.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} (NMJPStarter15 Class) - http://www.netmarble.jp/_common/cab/NMStarterJP5.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6FC19219-C47E-4880-9A79-D218A1C374F9} (NMJTransX Control) - http://file.netmarble.jp/Control/NMJTransX.cab
O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} (HGPlugin7USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin7USA.cab
O16 - DPF: {BC5E698E-77CF-45EF-80A3-090A4B6AAF83} (HGPlugin8USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin8USA.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://www.tricksteronline.com/control/KALogoutComponent.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: hydronephrosises - {5889f7b0-3277-4266-b4bd-1bf2d394aee6} - C:\WINDOWS\system32\wpchz.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHar dwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 16709 bytes

**switch245** · 17-07-2007

These are his results from your download.

SmitFraudFix v2.204

Scan done at 17:07:50.10, Mon 07/16/2007
Run from C:\Documents and Settings\Ryan Ng\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video ActiveX Access\imsmain.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Video ActiveX Access\imsmn.exe
C:\Program Files\Common Files\AOL\1132381646\ee\AOLSoftware.exe
C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\VirusProtectPro 3.4\VirusProtectPro 3.4.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.e xe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Program Files\AIM\aim.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sony\click to dvd 2\ctdatsvr.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Registry Defender\RegistryDefender.exe
C:\Program Files\Xfire\xfire.exe
C:\Documents and Settings\Ryan Ng\Desktop\w3hph.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\program files\common files\aol\1132381646\ee\aexplore.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Ryan Ng

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Ryan Ng\Application Data

C:\Documents and Settings\Ryan Ng\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusProtectPro 3.4.lnk FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Video ActiveX Access\ FOUND !
C:\Program Files\VirusProtectPro 3.4\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\SharedTaskScheduler]
"{5889f7b0-3277-4266-b4bd-1bf2d394aee6}"="hydronephrosises"

[HKEY_CLASSES_ROOT\CLSID\{5889f7b0-3277-4266-b4bd-1bf2d394aee6}\InProcServer32]
@="C:\WINDOWS\system32\wpchz.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{5889f7b 0-3277-4266-b4bd-1bf2d394aee6}\InProcServer32]
@="C:\WINDOWS\system32\wpchz.dll"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/100 VE Network Connection - Packet Scheduler Miniport
DNS Server Search Order: 192.168.15.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6027415F-54A5-4002-9B59-481F6A07BF25}: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6027415F-54A5-4002-9B59-481F6A07BF25}: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6027415F-54A5-4002-9B59-481F6A07BF25}: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.15.1

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

**Neal** · 17-07-2007

That is a heavily infected PC!

Please print out or copy these instructions/tutorial to Notepad as the internet will not be (while in Safe Mode) available to you at certain points of the removal process. Make sure to work through all the Steps in the exact order in which they are listed below. If there's anything that you don't understand, ask your question(s) before moving on with the fixes.[list=1]
[*]Reboot your computer in Safe Mode.

If the computer is running, shut down Windows, and then turn off the power.
Wait 30 seconds, and then turn the computer on.
Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe Mode option is selected.
Press Enter. The computer then begins to start in Safe mode.
Login on your usual account.

[*]Run Smitfraud Open the SmitfraudFix Folder, then double-click smitfraudfix.cmd file to start the tool.
Select option #2 - Clean by typing 2 and press Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.
The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.

A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually. Reboot in Safe Mode.

The tool will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

[*]Clean out your Temporary Internet files. Proceed like this:

Quit Internet Explorer and quit any instances of Windows Explorer.
Click Start, click Control Panel, and then double-click Internet Options.
On the General tab, click Delete Files under Temporary Internet Files.
In the Delete Files dialog box, tick the Delete all offline content check box , and then click OK.
On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.
Click on the Programs tab then click the Reset Web Settings button. Click Apply then OK.
Click OK.

Next Click Start, click Control Panel and then double-click Display. Click on the Desktop tab, then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there, select that entry and click the Delete button. Click Ok then Apply and Ok.

Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin.

Run a scan with AVG anti-spyware which you already have while still in safe mode, quarantine everything it finds, everything.

IMPORTANT : Don't click on the "Save Scan Report" button before you hit the "Apply all Actions" button.

Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
At the bottom of the window click on the Apply all Actions button.(3)

When done, click the Save Scan Report button. (4)
- Click the Save Report as button.
- Save the report to your Desktop. I will need you to post this in your next reply.
Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Run SmitfraudFix. Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #3 - Delete Trusted zone by typing 3 and press Enter

Note, if you use SpywareBlaster and/or IE-SPYAD, it will be necessary to re-install the protection both afford. For SpywareBlaster, run the program and re-protect all items. For IE-SPYAD, run the batch file and reinstall the protection.
Post Logs. Please post:
1. c:\rapport.txt
2. AVG anti-spyware log
3. A new HijackThis log
Your may need several replies to post the requested logs, otherwise they might get cut off.

Also...

Open Hijackthis.

Click the "Open the Misc Tools" section Button.

Click the "Open Uninstall Manager" Button.

Click the "Save list..." Button.

Save it to your desktop. Copy and paste the contents into your reply.

Use several posts if needed that will be fine.

**switch245** · 17-07-2007

Rapport log

mitFraudFix v2.204

Scan done at 11:10:32.03, Tue 07/17/2007
Run from C:\Documents and Settings\Ryan Ng\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\SharedTaskScheduler]
"{5889f7b0-3277-4266-b4bd-1bf2d394aee6}"="hydronephrosises"

[HKEY_CLASSES_ROOT\CLSID\{5889f7b0-3277-4266-b4bd-1bf2d394aee6}\InProcServer32]
@="C:\WINDOWS\system32\wpchz.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{5889f7b 0-3277-4266-b4bd-1bf2d394aee6}\InProcServer32]
@="C:\WINDOWS\system32\wpchz.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

C:\WINDOWS\system32\wpchz.dll -> Hoax.Win32.Renos.gen.o
C:\WINDOWS\system32\wpchz.dll -> Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\Documents and Settings\Ryan Ng\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusProtectPro 3.4.lnk Deleted
C:\DOCUME~1\RYANNG~1\STARTM~1\VirusProtectPro 3.4.lnk Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted
C:\DOCUME~1\RYANNG~1\Desktop\VirusProtectPro 3.4.lnk Deleted
C:\DOCUME~1\RYANNG~1\FAVORI~1\Online Security Test.url Deleted
C:\Program Files\Video ActiveX Access\ Deleted
C:\Program Files\VirusProtectPro 3.4\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6027415F-54A5-4002-9B59-481F6A07BF25}: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6027415F-54A5-4002-9B59-481F6A07BF25}: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6027415F-54A5-4002-9B59-481F6A07BF25}: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.15.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.15.1

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

**switch245** · 17-07-2007

AVG report

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 1:42:06 PM 7/17/2007

+ Scan result:

C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll -> Adware.Agent : Cleaned with backup (quarantined).
C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTBUninstaller.exe -> Adware.Agent : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\S tats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-3885593586-2362828862-2737973557-1005\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP631\A0265869.ini -> Adware.Qworke : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP629\A0263849.dll -> Adware.Viewpoint : Cleaned with backup (quarantined).
C:\Program Files\Netscape\Netscape\Plugins\npclntax.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP629\A0263830.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\Documents and Settings\Ryan Ng\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cla ssload.jar-1ef99a19-59adfbd6.zip/Installer.class -> Downloader.OpenConnection.w : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP631\A0265859.exe -> Downloader.Zlob.bww : Cleaned with backup (quarantined).
C:\Documents and Settings\Ryan Ng\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ga me.class-506f6b50-69bd8404.class -> Not-A-Virus.Exploit.Java.Gimsh.a : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP572\A0210501.sys -> Rootkit.Agent : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP572\A0210512.sys -> Rootkit.Agent : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP603\A0232906.sys -> Rootkit.Agent : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP603\A0232917.sys -> Rootkit.Agent : Cleaned with backup (quarantined).
:mozilla.279:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.247realmedia : Ignored.
:mozilla.280:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.247realmedia : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@247realmedia[2].txt -> TrackingCookie.247realmedia : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignored.
:mozilla.104:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.10:C:\Documents and Settings\Mom\Application Data\Mozilla\Profiles\default\eltx05f3.slt\cookies .txt -> TrackingCookie.2o7 : Ignored.
:mozilla.10:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Profiles\default\v4ptymsr.slt\cookies .txt -> TrackingCookie.2o7 : Ignored.
:mozilla.11:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.2o7 : Ignored.
:mozilla.12:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Profiles\default\v4ptymsr.slt\cookies .txt -> TrackingCookie.2o7 : Ignored.
:mozilla.205:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.206:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.209:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.214:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.216:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.217:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.218:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.306:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.307:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.7:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.2o7 : Ignored.
:mozilla.7:C:\Documents and Settings\Mom\Application Data\Mozilla\Profiles\default\eltx05f3.slt\cookies .txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@homestore.122.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@northwestairlines.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@reunioncom.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@2o7[2].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@palmone.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
:mozilla.725:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.726:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.727:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.728:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.729:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.730:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.731:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.736:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.737:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.738:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Aavalue : Ignored.
:mozilla.110:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.111:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.118:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.354:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.417:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.278:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Adjuggler : Ignored.
:mozilla.749:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adjuggler : Ignored.
:mozilla.750:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adjuggler : Ignored.
:mozilla.751:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adjuggler : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@adjuggler[2].txt -> TrackingCookie.Adjuggler : Ignored.
:mozilla.237:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.247:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.248:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.249:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.250:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.283:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.32:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.34:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.35:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.49:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@adrevolver[1].txt -> TrackingCookie.Adrevolver : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@track.adrevolver[1].txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.10:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.Advertising : Ignored.
:mozilla.13:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.Advertising : Ignored.
:mozilla.14:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.Advertising : Ignored.
:mozilla.304:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.305:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.310:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.311:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.312:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.8:C:\Documents and Settings\Mom\Application Data\Mozilla\Profiles\default\eltx05f3.slt\cookies .txt -> TrackingCookie.Advertising : Ignored.
:mozilla.8:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Profiles\default\v4ptymsr.slt\cookies .txt -> TrackingCookie.Advertising : Ignored.
:mozilla.9:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.Advertising : Ignored.
:mozilla.9:C:\Documents and Settings\Mom\Application Data\Mozilla\Profiles\default\eltx05f3.slt\cookies .txt -> TrackingCookie.Advertising : Ignored.
:mozilla.9:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Profiles\default\v4ptymsr.slt\cookies .txt -> TrackingCookie.Advertising : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@advertising[1].txt -> TrackingCookie.Advertising : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@advertising[1].txt -> TrackingCookie.Advertising : Ignored.
:mozilla.15:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.Atdmt : Ignored.
:mozilla.274:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored.
:mozilla.248:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Bfast : Ignored.
:mozilla.261:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Bfast : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@bfast[1].txt -> TrackingCookie.Bfast : Ignored.
:mozilla.232:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Bluestreak : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignored.
:mozilla.282:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Bridgetrack : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Ignored.
:mozilla.397:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Burstbeacon : Ignored.
:mozilla.152:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.153:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.154:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Burstnet : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@burstnet[1].txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.201:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.239:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.240:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.241:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.242:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.243:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.244:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.245:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.246:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@casalemedia[2].txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.908:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Clickbank : Ignored.
:mozilla.360:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Clickhype : Ignored.
:mozilla.250:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Cnn : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ads.cnn[1].txt -> TrackingCookie.Cnn : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@ads.cnn[2].txt -> TrackingCookie.Cnn : Ignored.
:mozilla.294:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Com : Ignored.
:mozilla.406:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Com : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@com[1].txt -> TrackingCookie.Com : Ignored.
:mozilla.211:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Coremetrics : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Ignored.
:mozilla.291:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.293:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.294:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.295:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.146:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Dealtime : Ignored.
:mozilla.225:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Dealtime : Ignored.
:mozilla.226:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Dealtime : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@dealtime[2].txt -> TrackingCookie.Dealtime : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Ignored.
:mozilla.11:C:\Documents and Settings\Mom\Application Data\Mozilla\Profiles\default\eltx05f3.slt\cookies .txt -> TrackingCookie.Doubleclick : Ignored.
:mozilla.11:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Profiles\default\v4ptymsr.slt\cookies .txt -> TrackingCookie.Doubleclick : Ignored.
:mozilla.12:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.Doubleclick : Ignored.
:mozilla.247:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Doubleclick : Ignored.
:mozilla.8:C:\Documents and Settings\Dad\Application Data\Mozilla\Profiles\default\tlpodnk2.slt\cookies .txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@doubleclick[2].txt -> TrackingCookie.Doubleclick : Ignored.
:mozilla.252:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Enhance : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@c.enhance[2].txt -> TrackingCookie.Enhance : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@c.enhance[1].txt -> TrackingCookie.Enhance : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@enhance[1].txt -> TrackingCookie.Enhance : Ignored.
:mozilla.499:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.500:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.365:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Falkag : Ignored.
:mozilla.236:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@fastclick[1].txt -> TrackingCookie.Fastclick : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@fastclick[2].txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.253:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Findwhat : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@findwhat[1].txt -> TrackingCookie.Findwhat : Ignored.
:mozilla.762:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Fortunecity : Ignored.
:mozilla.763:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Fortunecity : Ignored.
:mozilla.148:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.149:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.150:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.151:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.155:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.156:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.157:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.158:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.159:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.160:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.161:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
:mozilla.162:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Gamershell : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@c.goclick[2].txt -> TrackingCookie.Goclick : Ignored.
:mozilla.219:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.285:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.286:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.287:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.313:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ehg-autotrader.hitbox[2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ehg-comcast.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ehg-directv.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ehg-i21.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ehg-lowermybills.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ehg-netquote.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ehg-traderpublishing.hitbox[2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ehg.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@hitbox[2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.263:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Imrworldwide : Ignored.
:mozilla.264:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Imrworldwide : Ignored.
:mozilla.572:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Imrworldwide : Ignored.
:mozilla.573:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Imrworldwide : Ignored.
:mozilla.423:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Information : Ignored.
:mozilla.70:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Linksynergy : Ignored.
:mozilla.71:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Linksynergy : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@linksynergy[1].txt -> TrackingCookie.Linksynergy : Ignored.
:mozilla.873:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.874:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.924:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.925:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@sales.liveperson[3].txt -> TrackingCookie.Liveperson : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@sec1.liveperson[3].txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.108:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Masterstats : Ignored.
:mozilla.140:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Mediaplex : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignored.
:mozilla.747:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Myaffiliateprogram : Ignored.
:mozilla.126:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Navrcholu : Ignored.
:mozilla.64:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Netflame : Ignored.
:mozilla.124:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Overture : Ignored.
:mozilla.125:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Overture : Ignored.
:mozilla.183:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Overture : Ignored.
:mozilla.67:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@data2.perf.overture[1].txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@overture[1].txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@perf.overture[1].txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@data1.perf.overture[1].txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@overture[1].txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@perf.overture[1].txt -> TrackingCookie.Overture : Ignored.
:mozilla.472:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Paypal : Ignored.
:mozilla.12:C:\Documents and Settings\Mom\Application Data\Mozilla\Profiles\default\eltx05f3.slt\cookies .txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.13:C:\Documents and Settings\Mom\Application Data\Mozilla\Profiles\default\eltx05f3.slt\cookies .txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.14:C:\Documents and Settings\Mom\Application Data\Mozilla\Profiles\default\eltx05f3.slt\cookies .txt -> TrackingCookie.Pointroll : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.81:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Qksrv : Ignored.
:mozilla.82:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Qksrv : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@qksrv[2].txt -> TrackingCookie.Qksrv : Ignored.
:mozilla.177:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Questionmarket : Ignored.
:mozilla.178:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Questionmarket : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@questionmarket[2].txt -> TrackingCookie.Questionmarket : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@questionmarket[2].txt -> TrackingCookie.Questionmarket : Ignored.
:mozilla.149:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Realmedia : Ignored.
:mozilla.150:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Realmedia : Ignored.
:mozilla.254:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Realmedia : Ignored.
:mozilla.255:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Realmedia : Ignored.
:mozilla.256:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Realmedia : Ignored.
:mozilla.257:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Realmedia : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@realmedia[1].txt -> TrackingCookie.Realmedia : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@realmedia[2].txt -> TrackingCookie.Realmedia : Ignored.
:mozilla.769:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.770:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.771:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.772:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.775:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.776:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.777:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.778:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.779:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.780:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.781:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.782:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.783:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.784:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Reliablestats : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignored.
:mozilla.422:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Revenue : Ignored.
:mozilla.127:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.128:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.129:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.130:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.131:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.132:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.36:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.37:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.38:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.39:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.40:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.41:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Revsci : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@revsci[2].txt -> TrackingCookie.Revsci : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@revsci[1].txt -> TrackingCookie.Revsci : Ignored.
:mozilla.233:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.234:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.235:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Ru4 : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@edge.ru4[1].txt -> TrackingCookie.Ru4 : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@edge.ru4[1].txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.157:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.158:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.159:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.160:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.161:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.298:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.426:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.427:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.428:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.429:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.430:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.431:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.51:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Sexcounter : Ignored.
:mozilla.52:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Sexcounter : Ignored.
:mozilla.151:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Specificclick : Ignored.
:mozilla.221:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Specificclick : Ignored.
:mozilla.289:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Specificclick : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@specificclick[2].txt -> TrackingCookie.Specificclick : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Ignored.
:mozilla.11:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Starware : Ignored.
:mozilla.224:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Starware : Ignored.
:mozilla.275:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Starware : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@h.starware[1].txt -> TrackingCookie.Starware : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@try.starware[1].txt -> TrackingCookie.Starware : Ignored.
:mozilla.105:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.106:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.107:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.311:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.312:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.313:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.314:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.315:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.316:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.317:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.318:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.319:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.320:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.321:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.322:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.323:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.324:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@statcounter[1].txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.95:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.96:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.97:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.98:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@tacoda[1].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@tacoda[2].txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.29:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Trafficmp : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@trafficmp[2].txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.28:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Tribalfusion : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.101:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Webtrends : Ignored.
:mozilla.66:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Webtrends : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@m.webtrends[2].txt -> TrackingCookie.Webtrends : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Ignored.
:mozilla.175:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Webtrendslive : Ignored.
:mozilla.176:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Webtrendslive : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Ignored.
:mozilla.482:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Yadro : Ignored.
:mozilla.483:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Yadro : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@yadro[2].txt -> TrackingCookie.Yadro : Ignored.
:mozilla.15:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.19:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.20:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.21:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.22:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.23:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.271:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.272:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.273:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.366:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
:mozilla.367:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
:mozilla.368:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
:mozilla.369:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
:mozilla.370:C:\Documents and Settings\Ryan Ng\Application Data\Mozilla\Firefox\Profiles\igdeg51v.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
:mozilla.55:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
:mozilla.63:C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\zyont53s.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
C:\Documents and Settings\Dad\Cookies\dad@zedo[1].txt -> TrackingCookie.Zedo : Ignored.
C:\Documents and Settings\Mom\Cookies\mom@zedo[2].txt -> TrackingCookie.Zedo : Ignored.
C:\Program Files\PopsMedia Site Adviser\vm5_killer.exe -> Trojan.BHO.bd : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP629\A0263776.dll -> Trojan.BHO.bd : Cleaned with backup (quarantined).
C:\Program Files\MAIET\Gunz\XPatch.exe -> Worm.Luder.e : Cleaned with backup (quarantined).
C:\Program Files\Scions of Fate\Client\XPatch.exe -> Worm.Luder.e : Cleaned with backup (quarantined).

::Report end

**switch245** · 17-07-2007

hijack this log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 1:45:42 PM, on 7/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Xfire\xfire.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Ryan Ng\Desktop\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\d.bin\MWSBAR.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\DOCUME~1\RYANNG~1\LOCALS~1\Temp\juan.dll (file missing)
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll (file missing)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\d.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132381646\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.1\masqform.exe /RegServer -UpdateCurrentUser
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MMTray] C:\PROGRA~1\MUSICM~1\MUSICM~2\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [SecurityUpdate] rundll32.exe C:\WINDOWS\system32\vlmigin.dll,TurnOn2
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.e xe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Startup: Click to DVD Automatic Mode Launcher.lnk = C:\Program Files\Sony\click to dvd 2\ctdatsvr.exe
O4 - Startup: RegistryDefender.lnk = C:\Program Files\Registry Defender\RegistryDefender.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ryan Ng\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O15 - Trusted Zone: http://*.nwmls.com
O15 - Trusted Zone: http://*.rapmls.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} (NMJPStarter15 Class) - http://www.netmarble.jp/_common/cab/NMStarterJP5.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6FC19219-C47E-4880-9A79-D218A1C374F9} (NMJTransX Control) - http://file.netmarble.jp/Control/NMJTransX.cab
O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} (HGPlugin7USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin7USA.cab
O16 - DPF: {BC5E698E-77CF-45EF-80A3-090A4B6AAF83} (HGPlugin8USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin8USA.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) - http://www.tricksteronline.com/control/tricksterActiveX.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://www.tricksteronline.com/control/KALogoutComponent.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHar dwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13794 bytes

**switch245** · 17-07-2007

save list:

µTorrent
7-Zip 4.32
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.9
Agere Systems AC'97 Modem
AIM 6.0
AOL Instant Messenger
AOL Setup
AOL Uninstaller (Choose which Products to Remove)
Apple Software Update
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG Anti-Spyware 7.5
CC_ccProxyMSI
CC_ccStart
ccCommon
Click to DVD 2.0 Menu Data
Click to DVD 2.0.02
Comcast PhotoShow Deluxe 4
Comcast Rhapsody
CONNECT
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Drag'n Drop CD+DVD
DVgate Plus
Gaim (remove only)
Google Toolbar for Firefox
GTK+ Runtime 2.6.8 rev a (remove only)
Gunbound Revolution
Haali Media Splitter
Hamachi 0.9.9.9
HijackThis 2.0.0
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
IExplorer Security Plug-in
ijji - Gunz
Intel(R) Extreme Graphics Driver
Intel(R) PRO Network Adapters and Drivers
Internet Explorer Q903235
Internet Explorer Secure Bar
InterVideo WinDVD 5 for VAIO
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 8
Java 2 Runtime Environment, SE v1.4.2_01
KSignAccessToolkit v1.0
LastChaos
LimeWire 4.12.6
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Logitech Desktop Messenger
Logitech SetPoint
Macromedia Shockwave Player
Magellan RoadMate Manager North America
MapleStory
Memory Stick Formatter
Messenger Service
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Works 7.0
MoodLogic
Mozilla Firefox (2.0.0.4)
MSN Music Assistant
MSRedist
Musicmatch® Jukebox
My Web Search (Zwinky)
Netscape Internet Service Setup
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
OpenMG Limited Patch 4.0-04-11-28-01
OpenMG Secure Module 4.0.05
palmOne
Panda TotalScan
PictureGear Studio 2.0
Plaxo Toolbar for Outlook (with AIM Enhancements)
PureEdge Viewer 6.1
Quicken 2004
QuickTime
Registry Defender
Rhapsody Player Engine
Scions of Fate
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Seekmo Toolbar
SonicStage 2.3.00
Sony Certificate PCH
Sony Video Shared Library
Starcraft
Trickster Online
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB936357)
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.0
VAIO Media Integrated Server 3.0
VAIO Media Redistribution 3.0
VAIO music transfer 1.2
VAIO Registration
VAIO SLIT Pattern Wallpaper
VAIO SLIT-C Screen Saver
VAIO Survey Standalone
VAIO System Information
VAIO Update 2
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Welcome to VAIO life
Windows Driver Package - MSN (usbccgp) USB (04/19/2006 1.1.0.2)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinPcap 3.1
WinRAR archiver
Xfire (remove only)
XviD 1.1 final uninstall
Zoom Player (remove only)

**Neal** · 18-07-2007

Remove Bad Services

Go to Start->Run and type in notepad and hit OK.
Then copy and paste the contents of the following Quote box into Notepad:

sc stop Viewpoint Manager Service
sc delete Viewpoint Manager Service
del delete.bat
Save the file as "delete.bat". <== Make sure to save it with the quotes.
Double click delete.bat.

Then...

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

Click on: One at a time

My Web Search (Zwinky)
Seekmo Toolbar
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)

Click on Delete this entry

Reboot your computer.

Do the same for the others

Next...

Run hijackthis and click on system scan button only and put checks next to these:

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\d.bin\MWSBAR.DLL
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\DOCUME~1\RYANNG~1\LOCALS~1\Temp\juan.dll (file missing)

O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll (file missing)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\d.bin\MWSBAR.DLL

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\d.bin\mwsoemon.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZCfox000
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...up1.0.0.15.cab

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Nothing open but hijackthis and click on "fix checked"

Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.

Navigate to these files or folders using Windows Explorer (OR Start -> Search) and delete (if present):

DELETE FOLDERS

C:\Program Files\MyWebSearch
C:\Program Files\Viewpoint
C:\Program Files\Seekmo Programs

Reboot normal mode and...

1. Download this file - COMBOFIX
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Post a new hijackthis log also please from normal mode.

my log, problems(RESOLVED)

my log, problems(RESOLVED)

Similar Threads

Malware problems

[RESOLVED] Internet Problems

having a few problems with msn(RESOLVED)

I have LOP problems (RESOLVED)

A few problems(RESOLVED)