first time user

Started by hgreen, Sep 15 2006 11:36 PM

You cannot reply to this topic

7 replies to this topic

#1 OFFLINE hgreen

Newbie

Members
4 posts

Posted 15 September 2006 - 11:36 PM

my computer has been running slowly for no reason apparently and it has been shutting off by itself while i am using it ... my partner had me download HJT and post a log ... he said you guys would know what to do cause you're computer savy ... please help me
please keep instructions simple i am a novice

#2 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 15 September 2006 - 11:56 PM

Welcome to the forum. I'll try to give as simple directions as possible.

First you need to paste the hijackthis log onto the forum.
Since you already have it just open it up and press "scan and save log file". A text file will appear in notepad. Copy that entire file onto the forum for us to see.

#3 OFFLINE hgreen

Newbie

Members
4 posts

Posted 16 September 2006 - 02:18 AM

Logfile of HijackThis v1.99.1
Scan saved at 10:11:00 PM, on 9/15/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\WINZIP\wzqkpick.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\download programs\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.n...lbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O1 - Hosts: 66.98.136.25 auto.search.msn.com
O1 - Hosts: 66.98.136.25 auto.search.msn.es
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~2.DLL
O2 - BHO: iMeshBar BHO - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: (no name) - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O3 - Toolbar: iMeshBar - {5345A7A9-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~2.DLL
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Otro] "C:\PROGRA~1\COMMON~1\DOBE~1\svchost.exe" -vt yazr
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://ka.bar.need2f...earch.html?p=KA
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: PopupFree - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O9 - Extra 'Tools' menuitem: PopupFree - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_98.dll' missing
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/pote_x.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.c...es/MsnInstC.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguar...ion/Install.cab
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tr...Transporter.cab?
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games....GamesPlugin.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {70522FA0-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/c..._12_1,0,2,5.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) - http://www.streamingfaith.com/common/mbrow...MINIBrowser.CAB
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O18 - Protocol: bw+0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe (file missing)

here you go

#4 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 16 September 2006 - 02:46 AM

Yep you have a couple pieces of spyware. Shouldn't be too hard to clean up. Lets start off with a spyware scanner.

Download Ewido Anti-Spyware

Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
After the update finishes (the status bar at the bottom will display "Update successful")
Click on the Scanner tab at the top and then click on Complete System Scan
Ewido will list any infections found on the left, when the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will then display "All actions have been applied" on the right.
Click on "Save Report", then "Save Report As". This will create a text file which you can then save to the Desktop.

Follow those instructions carefully. When your done with the ewido scan come back to the forum and post a new hijackthis log, and the log from ewido. If you have any questions about my instructions or don't understand don't hesitate to tell me.

#5 OFFLINE hgreen

Newbie

Members
4 posts

Posted 16 September 2006 - 05:19 PM

Logfile of HijackThis v1.99.1
Scan saved at 1:08:32 PM, on 9/16/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\WINZIP\wzqkpick.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\download programs\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.n...lbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O1 - Hosts: 66.98.136.25 auto.search.msn.com
O1 - Hosts: 66.98.136.25 auto.search.msn.es
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~2.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: (no name) - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~2.DLL
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Otro] "C:\PROGRA~1\COMMON~1\DOBE~1\svchost.exe" -vt yazr
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://ka.bar.need2f...earch.html?p=KA
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: PopupFree - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O9 - Extra 'Tools' menuitem: PopupFree - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_98.dll' missing
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/pote_x.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.c...es/MsnInstC.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguar...ion/Install.cab
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tr...Transporter.cab?
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games....GamesPlugin.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {70522FA0-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/c..._12_1,0,2,5.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) - http://www.streamingfaith.com/common/mbrow...MINIBrowser.CAB
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O18 - Protocol: bw+0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {EBC42466-2099-46F6-A5AE-0D00DE401EA6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 1:06:21 PM 9/16/2006

+ Scan result:

C:\Program Files\INSTAFINK -> Adware.404Search : Cleaned with backup (quarantined).
C:\Program Files\kazaa_setup.exe -> Adware.Altnet : Cleaned with backup (quarantined).
C:\WINNT\Temp\Altnet -> Adware.Altnet : Cleaned with backup (quarantined).
C:\WINNT\Temp\Altnet\Atl.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\WINNT\Temp\Altnet\DMinfo3.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\WINNT\Temp\Altnet\Setup.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\WINNT\Temp\Altnet\dminstall7.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\WINNT\Temp\Altnet\msvcirt.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\WINNT\Temp\Altnet\pminstall.cab -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\ComcastToolbar\comcasttoolbar.dll_0_ -> Adware.BHO : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RelevantKnowledge -> Adware.BroadCastPC : Cleaned with backup (quarantined).
C:\Program Files\Monaco Gold Casino\SetupCasino.exe -> Adware.Casino : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{5345A7A1-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{5345A7A9-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{5345A7A9-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5345A7A1-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Netsetter -> Adware.MarketScore : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Netsetter\OSMIM -> Adware.MarketScore : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Local Settings\Temp\MiniBug.exe -> Adware.Minibug : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\readme.html -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\New.net Startup -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\RXToolBar -> Adware.RXToolbar : Cleaned with backup (quarantined).
C:\Program Files\RXToolBar\CacheCatolog.rx -> Adware.RXToolbar : Cleaned with backup (quarantined).
HKU\S-1-5-21-484763869-706699826-1957994488-500\Software\RX Toolbar -> Adware.RXToolbar : Cleaned with backup (quarantined).
C:\Program Files\WebSearch -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\2c1bccp3.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\37v33trj.exe -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\733yu1e3.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\8kdxwkkt.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\8rjktkug.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\9s6255vz.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\9vpxw12v.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\awt4vt6y.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\cx5k7gzp.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\f266zv1f.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\f9g23cn7.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\fv4vyrep.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\g4g1m5ck.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\i9edvgy5.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\icgzdmwy.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\itkxp6la.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\jkp82yj6.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\jme8i173.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\q9v9tzd3.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\r2fw2idi.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\s9gxnpzp.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\tqquycwr.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\u96bfp6j.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\v73kqqkx.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\vwtl7b14.exe -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\WebSearch\Util\zawcicij.tmp -> Adware.TopMoxie : Cleaned with backup (quarantined).
C:\Program Files\ComcastToolbar\uninstall.exe -> Adware.VMN : Cleaned with backup (quarantined).
C:\Program Files\whInstall -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\Sporder.dll -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\license.txt -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\readme.txt -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\whAgent.ini -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\whInstaller.ini -> Adware.Webhancer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\res -> Adware.WebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\STO -> Adware.WebSearch : Cleaned with backup (quarantined).
HKLM\SYSTEM\ControlSet002\Services\WinToolsSvc -> Adware.WebSearch : Cleaned with backup (quarantined).
HKLM\SYSTEM\ControlSet002\Services\WinToolsSvc\Security -> Adware.WebSearch : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\WinToolsSvc -> Adware.WebSearch : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\WinToolsSvc\Enum -> Adware.WebSearch : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\WinToolsSvc\Security -> Adware.WebSearch : Cleaned with backup (quarantined).
C:\WINNT\system32\actskn45.ocx -> Downloader.IstBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{1FF04B25-0A23-4A12-960C-73F8B9950436} -> Hijacker.Generic : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrator\Cookies\administrator@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.557:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.666:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.673:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.703:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.726:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.847:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.918:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.929:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@bookspan.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@embarq.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@lsfnetwork.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@pch.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@planetout.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@snagajob.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.84:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.85:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.86:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.595:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ad.admarketplace[2].txt -> TrackingCookie.Admarketplace : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@ad.admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.921:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.314:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.315:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.316:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.317:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.318:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.319:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.320:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.321:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.322:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.323:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.498:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adtrak : Cleaned.
:mozilla.533:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adtrak : Cleaned.
:mozilla.534:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adtrak : Cleaned.
:mozilla.535:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Adtrak : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ugl.adtrak[1].txt -> TrackingCookie.Adtrak : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.adtrak[1].txt -> TrackingCookie.Adtrak : Cleaned.
:mozilla.182:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.183:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.184:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.185:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.62:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.602:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.906:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@rccl.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.307:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.308:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.930:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.931:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@centrport[2].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@centrport[2].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@clickbank[2].txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@com[2].txt -> TrackingCookie.Com : Cleaned.
:mozilla.866:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@dbbsrv[1].txt -> TrackingCookie.Dbbsrv : Cleaned.
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.942:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.853:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wgkowkdpgbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.140:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.141:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.142:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.955:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.175:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.251:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.252:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.253:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.254:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.302:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.815:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Hypertracker : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned.
:mozilla.554:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\eh336546.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.582:C:\Documents and Settings\

#6 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 16 September 2006 - 05:42 PM

Good job.

Lets do the same with another program.

Download Superantispyware

Load Superantispyware and click the check for updates button.
Once the update is finished click the scan your computer button.
Check Perform Complete Scan and then next.
Superantispyware will now scan your computer and when its finished it will list all the infections it has found.
Make sure that they all have a check next to them and press next.
Click finish and you will be taken back to the main interface.
Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
Copy and paste the log onto the forum.

Follow the instructions like you did with ewido and then post the superantispyware log and a hijack this log.

#7 OFFLINE hgreen

Newbie

Members
4 posts

Posted 23 September 2006 - 06:52 AM

SUPERAntiSpyware Scan Log
Generated 09/23/2006 at 02:02 AM

Core Rules Database Version : 3090
Trace Rules Database Version: 1119

Memory threats detected : 0
Registry threats detected : 47
File threats detected : 273

Adware.MyWay
HKLM\Software\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}\InprocServer32
C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL
HKLM\Software\MyWay
HKLM\Software\MyWay\myBar
HKLM\Software\MyWay\myBar#Dir
HKLM\Software\MyWay\myBar#pid
HKLM\Software\MyWay\myBar#CurInstall
HKLM\Software\MyWay\myBar#sr
HKLM\Software\MyWay\myBar#pl
HKLM\Software\MyWay\myBar#Id
HKLM\Software\MyWay\myBar#CacheDir
HKLM\Software\MyWay\myBar#HistoryDir
HKLM\Software\MyWay\myBar#Visible
HKLM\Software\MyWay\myBar#Maximized
HKLM\Software\MyWay\myBar#SettingsDir
HKLM\Software\MyWay\myBar#ConfigRevisionURL
HKLM\Software\MyWay\myBar#ConfigDateStamp
C:\Program Files\MyWay\myBar\History\search
C:\Program Files\MyWay\myBar\History
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm
C:\Program Files\MyWay\myBar\Settings
C:\Program Files\MyWay\myBar
C:\Program Files\MyWay

Spyware.WebSearch (WinTools/HuntBar)
HKLM\Software\Classes\CLSID\{8DA5457F-A8AA-4CCF-A842-70E6FD274094}
HKCR\CLSID\{8DA5457F-A8AA-4CCF-A842-70E6FD274094}
HKCR\CLSID\{8DA5457F-A8AA-4CCF-A842-70E6FD274094}
HKCR\CLSID\{8DA5457F-A8AA-4CCF-A842-70E6FD274094}\InprocServer32
HKCR\CLSID\{8DA5457F-A8AA-4CCF-A842-70E6FD274094}\InprocServer32#ThreadingModel
C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll
C:\Program Files\Common Files\WinTools\iwuivj.wzg
C:\Program Files\Common Files\WinTools\rmhgxlmu.wzg
C:\Program Files\Common Files\WinTools\Update
C:\Program Files\Common Files\WinTools\WToolsC.cfg
C:\Program Files\Common Files\WinTools\WToolsD.cfg
C:\Program Files\Common Files\WinTools\WToolsP.cfg
C:\Program Files\Common Files\WinTools
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#DeviceDesc
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinTools_ESIES
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinTools_ESIES#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinTools_ESIES#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinTools_ESIES#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinTools_ESIES#URLInfoAbout

Browser Hijacker.Internet Explorer Zone Hijack
HKU\S-1-5-21-484763869-706699826-1957994488-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\iwon.com
HKU\S-1-5-21-484763869-706699826-1957994488-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\iwon.com#*
HKU\S-1-5-21-484763869-706699826-1957994488-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\iwon.com#https

Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\administrator@apmebf[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@i.screensavers[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@maxserving[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@roiservice[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@c.enhance[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@web4.realtracker[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.reunion[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@superstats[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@snagajob.122.2o7[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@valueclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@partypoker[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@clickbank[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@hisfirstgaysex[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tradedoubler[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.pricescan[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@hurricanedigitalmedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@experclick[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@azjmp[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@77102531[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.specificmedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@planetout.122.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@metareward[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@z1.adserver[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.starpulse[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@vhost.oddcast[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ath.belnk[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.screensavers[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1[3].txt
C:\Documents and Settings\Administrator\Cookies\administrator@pch.122.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@hypertracker[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@as.adwave[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adbrite[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@pacificpoker[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@35487201[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@kanoodle[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cgi-bin[4].txt
C:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.adsag[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cgi-bin[5].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cbs.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adprofile[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@qksrv[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.admarketplace[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.imesh[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@entrepreneur.122.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@citi.bridgetrack[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@exitexchange[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1.primaryads[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@hbmediapro[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@508[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@888[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@gateway.fundsexpress[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.asexstories[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@as-us.falkag[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@0[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cassava[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[3].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@qnsr[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cgi-bin[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.addynamix[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@rccl.bridgetrack[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@stats1.reliablestats[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads2.drivelinemedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@edge.ru4[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@611[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sexsearchcom[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@276[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adecn[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@leadgenetwork[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@as1.falkag[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1071841107[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@nextag[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@0[3].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bookspan.122.2o7[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@paypopup[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@interclick[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@image.masterstats[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@revenue[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.hbmediapro[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.jackpot[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@xxxcounter[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@a.websponsors[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.glispatrack[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@indextools[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@735[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@rotator.adjuggler[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@valuead[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@counter.relmaxtop[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@gaymilitaryxxx[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@statcounter[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@belnk[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@partner2profit[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@icc.intellisrv[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.entrepreneur[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@fastclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@80503492[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adlegend[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@42435556[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@dynamicsitestats[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ss[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.cashclicks[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@winfixer[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@premiumnetworkrocks.valuead[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@banner[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.azoogleads[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.adserv[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adknowledge[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.stopzilla[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adtrack.wildwabbit[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@offeroptimizer[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.pno[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.realcastmedia[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@zedo[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@partypoker.touchclarity[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@hits.clickandtrack[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.specificclick[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adv.webmd[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@realcastmedia[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.monster[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@247realmedia[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bizrate[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.adtrak[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@creativeby.viewpoint[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@imp.partner2profit[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sav.coolsavings[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@embarq.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@realmedia[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.us.e-planning[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@login.tracking101[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@server.cpmstar[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.cc214142[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@nbads[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@html[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.realtechnetwork[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cgi-bin[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@74613876[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.rowise[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.incentaclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ifriends[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@network.realmedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@admarketplace[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@s1[4].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.adtrust[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@click.cashengines[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@webpower[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@clickaction[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@41397737[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.newgrounds[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@LPBofA1[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.zanox[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@emarketmakers[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.metareward[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@xxxbookies[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@clickauditor[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@lsfnetwork.122.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adultfriendfinder[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@pro-market[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@reduxads.valuead[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.burstbeacon[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@entrepreneur[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@track.powweb[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@server3.web-stat[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@entrepreneur.us.intellitxt[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ugl.adtrak[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@atwola[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1071401469[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tracking[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@smileycentral[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@microsofteup.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adserver.filefront[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.888[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wgkowkdpgbp.stats.esomniture[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@s1[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@starware[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@fortunecity[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@as-eu.falkag[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@gayblinddatesex[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@data4.perf.overture[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@conversiontracker[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@drugs[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@data3.perf.overture[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.winfixer[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@da-tracking[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@stats.calphalon[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.chatxxxmag[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.sexspies[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@589.sex-gay-vids[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sales.liveperson[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cgi[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@publishers.clickbooth[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@clicksmartaffiliates[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@anad.tacoda[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@32849030[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tagworld[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1070411734[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@roi.clicklab[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cgi-bin[6].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1071399691[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cs.sexcounter[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@60426941[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@paycounter[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@stat.dealtime[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@keywordmax[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1068640503[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sec1.liveperson[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.burstnet[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@anat.tacoda[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@mb[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@gayhentaixxx[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@advertpro[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@as.adwave[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@banners[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@a.websponsors[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@adknowledge[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@adopt.hbmediapro[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@ads.asexstories[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@ads.cc214142[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@ads.jackpot[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@as.adwave[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@banners[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@belnk[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@cgi.gaysexswap[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@dist.belnk[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@hbmediapro[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@hits.clickandtrack[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@hurricanedigitalmedia[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@icc.intellisrv[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@maxserving[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@nextag[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@offeroptimizer[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@pacificpoker[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@partypoker.touchclarity[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@partypoker[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@realmedia[1].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@server.cpmstar[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@winfixer[2].txt
C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@xiti[1].txt

Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID

Adware.ClickSpring/Yazzle
HKLM\Software\Cowabanga
C:\Program Files\Cowabanga\License.txt
C:\Program Files\Cowabanga

#8 OFFLINE rridgely

I hate computers

Moderators
8,858 posts

Gender:Male

Posted 23 September 2006 - 05:39 PM

Nice job now post a new hijackthis log.

Back to Spyware Hell