
System Alert Popup (PLEASE HELP)


Name: Kenson
Date: March 17, 2007 at 14:29:16 Pacific
OS: Windows XP Pro
CPU/Ram: Dual Processor/ 1Gig Ram
Product: Dell Precision 360
Comment:

Alas yet another system alert victim :)

This one is trying to promote some rogue "anti" spyware program called "SpyDawn". So far I've used Norton Antivirus, Ad-Aware and Spybot to remove a handful of SpyDawn files yet the little blinking question mark still remains at the bottom right of my system tray..

Any help with this would be much appreciated. Thanks in advance!




Response Number 1
Name: jabuck
Date: March 17, 2007 at 14:53:16 Pacific
Reply:

Please post a Hijack This log so that the files associated with the virus/spyware/hijacker can be identified.

Please download HJTsetup.exe from this link http://www.thespykiller.co.uk/files/HJTsetup.exe to your desktop.
Double-click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click "next" in the setup dialogue boxes until you get to the "Select Additional Tasks" dialogue.
Put a check by "Create a desktop icon" then click "Next" again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click "Finish" and it will launch Hijack This.
Click on the "Do a system scan and save a logfile" button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log and post it in this thread.

Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.

Please copy/paste the content of that report into your next reply.
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

Please download SmitFraudFix from this link http://siri.urz.free.fr/Fix/Smitfra... Then extract the contents to your desktop.

!!!! Only run option #1 as running the other options on an uninfected computer will damage the desktop. !!!!


Open the "SmitfraudFix" folder and double-click "smitfraudfix.cmd"
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).



Response Number 2
Name: Kenson
Date: March 17, 2007 at 16:34:08 Pacific
Reply:

Hi, jabuck

Thank you so much for your help. I appreciate your time on this.

Here is my Hijack Log:


Logfile of HijackThis v1.99.1
Scan saved at 4:07:04 PM, on 3/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\fryhser.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\Daniel\LOCALS~1\Temp\winlogon.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video Access ActiveX Object\isadd.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [frymxins] frymxins
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Windows Core Kernel Update] C:\WINDOWS\System32\win32bootcfg.exe
O4 - HKLM\..\Run: [msconfig38] mssvcc.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [secures23] mssecure.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe /IMEName
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.exe /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\RunServices: [msconfig38] mssvcc.exe
O4 - HKLM\..\RunServices: [secures23] mssecure.exe
O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe
O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe" /startup
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Firewall auto setup] C:\DOCUME~1\Daniel\LOCALS~1\Temp\winlogon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?lin...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microso...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microso...
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/download...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{60F16BAA-5FF3-498B-9F38-CD56E189E4B8}: NameServer = 68.94.156.1,68.94.157.1
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: FGLRYUTIL (FGLRYUtil) - ATI Technologies, Inc. - C:\WINDOWS\System32\fryhser.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mnew4win - Unknown owner - C:\WINDOWS\system32\mnew4win.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pdfr10utu - Unknown owner - (no file)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Win32 Kernel Update (Win32Kernel) - Unknown owner - C:\WINDOWS\win32host.exe (file missing)


--SmitfraudFix list coming soon!!



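Added example (not part of any post in this thread, and not code from HijackThis): a Python sketch of the first-pass triage a helper does by eye on a log like the one above. The heuristics, reason strings and function names are assumptions chosen for illustration; they catch only some of the entries a human reviewer would question, and the sample lines are copied from the log above.

```python
import ntpath
import re

# Lines copied unchanged from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Winamp\winampa.exe
C:\DOCUME~1\Daniel\LOCALS~1\Temp\winlogon.exe

O4 - HKLM\..\Run: [frymxins] frymxins
O4 - HKLM\..\Run: [msconfig38] mssvcc.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [Firewall auto setup] C:\DOCUME~1\Daniel\LOCALS~1\Temp\winlogon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mnew4win - Unknown owner - C:\WINDOWS\system32\mnew4win.exe (file missing)
O23 - Service: Pdfr10utu - Unknown owner - (no file)
"""

# Assumption: core Windows XP process names and the one directory each runs from.
CORE_PROCESS_DIRS = {
    "smss.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

O4_RE = re.compile(r"^O4 - (?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
O23_RE = re.compile(r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+)$")
EXE_RE = re.compile(r"^(.*?\.(?:exe|dll|com|bat|cmd|scr))(?:\s|$)", re.IGNORECASE)


def executable(cmd):
    """Return the program part of an autorun command line, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = EXE_RE.match(cmd)          # unquoted paths may contain spaces
    return m.group(1) if m else cmd.split()[0]


def triage(log_text):
    """Return (reason, log line) pairs for entries worth a closer look."""
    findings = []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if not line:               # a blank line ends the process list
                in_processes = False
                continue
            expected = CORE_PROCESS_DIRS.get(ntpath.basename(line).lower())
            if expected and ntpath.dirname(line).lower() != expected:
                findings.append(("system process name outside its directory", line))
            continue
        m = O4_RE.match(line)
        if m:
            exe = executable(m.group("cmd"))
            if "\\" not in exe:
                findings.append(("autorun without a full path", line))
            elif "\\temp\\" in exe.lower():
                findings.append(("autorun from a Temp directory", line))
            continue
        m = O23_RE.match(line)
        if m:
            path = m.group("path")
            if m.group("owner") == "Unknown owner" or path.endswith(
                ("(file missing)", "(no file)")
            ):
                findings.append(("service with unknown owner or missing file", line))
    return findings


if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG):
        print(f"{reason}: {line}")
```

A flagged line is a prompt to look up the file, not proof of infection, and an unflagged line is not a clean bill of health.
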
Response Number 3
Name: jabuck
Date: March 17, 2007 at 17:01:54 Pacific
Reply:

Norton's ScriptBlocking must be turned off to run SmitfraudFix.

Turn off Norton's ScriptBlocking:

To disable Norton AntiVirus Script Blocking:


Start Norton AntiVirus.
If Norton AntiVirus is installed as part of Norton SystemWorks or Norton Internet Security, then start that program.
Click Options.
If you see a menu, click Norton AntiVirus.
In the left pane, click Script Blocking.
In the right pane, uncheck Enable Script Blocking (recommended).
Click OK.



Response Number 4
Name: Kenson
Date: March 17, 2007 at 17:12:30 Pacific
Reply:


Here's the SmitFraudFix list:


SmitFraudFix v2.148

Scan done at 17:06:15.96, Sat 03/17/2007
Run from C:\Documents and Settings\Daniel\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\geplxss.dll FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Daniel


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Daniel\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Daniel\FAVORI~1

C:\DOCUME~1\Daniel\FAVORI~1\Online Security Test.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{aed6f6a3-183c-488d-9f90-23db99f56e7f}"="apathies"

[HKEY_CLASSES_ROOT\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\InProcServer32]
@="C:\WINDOWS\system32\geplxss.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\InProcServer32]
@="C:\WINDOWS\system32\geplxss.dll"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End


There you have it. Thanks for your patience



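Added example (not part of any post in this thread, and not code from SmitFraudFix): the report above warns that the SharedTaskScheduler keys "are not inevitably infected", and this Python sketch shows one way to settle that by checking whether the DLL a listed CLSID loads is also one of the files the scan marked FOUND. The function names and result fields are assumptions; the sample is an excerpt of the report above.

```python
import re

# Excerpt of the SmitFraudFix report posted in this thread (values unchanged).
SAMPLE_REPORT = r'''
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\geplxss.dll FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Daniel\FAVORI~1

C:\DOCUME~1\Daniel\FAVORI~1\Online Security Test.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{aed6f6a3-183c-488d-9f90-23db99f56e7f}"="apathies"

[HKEY_CLASSES_ROOT\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\InProcServer32]
@="C:\WINDOWS\system32\geplxss.dll"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
'''

SECTION_RE = re.compile(r"^\u00bb+\s*(.*)$")          # "»»»» section name"
KEY_RE = re.compile(r"^\[(.+)\]$")                     # [HKEY_...\Sub\Key]
VALUE_RE = re.compile(r'^(@|"[^"]*")="(.*)"$')         # "name"="data" or @="data"
CLSID_KEY_RE = re.compile(
    r"\\CLSID\\(\{[0-9a-fA-F-]+\})\\InProcServer32$", re.IGNORECASE
)


def parse_report(text):
    """Return (found_files, registry); registry maps key -> {value name: data}."""
    found, registry, key = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if SECTION_RE.match(line):
            key = None                                 # a new section resets the key
        elif line.endswith("FOUND !"):
            found.append(line[: -len("FOUND !")].strip())
        elif KEY_RE.match(line):
            key = KEY_RE.match(line).group(1)
            registry.setdefault(key, {})
        elif key and VALUE_RE.match(line):
            name, data = VALUE_RE.match(line).groups()
            registry[key][name.strip('"')] = data
    return found, registry


def correlate(found, registry):
    """Resolve each SharedTaskScheduler CLSID to its DLL and compare with FOUND files."""
    flagged = {path.lower() for path in found}
    servers = {}
    for key, values in registry.items():
        m = CLSID_KEY_RE.search(key)
        if m and "@" in values:
            servers[m.group(1).lower()] = values["@"]
    results = []
    for key, values in registry.items():
        if key.lower().endswith(r"\explorer\sharedtaskscheduler"):
            for clsid, label in values.items():
                dll = servers.get(clsid.lower())
                results.append({
                    "clsid": clsid,
                    "label": label,
                    "dll": dll,
                    "dll_flagged": dll is not None and dll.lower() in flagged,
                })
    return results


if __name__ == "__main__":
    files, reg = parse_report(SAMPLE_REPORT)
    for entry in correlate(files, reg):
        print(entry)
```

An empty result on a later report means no SharedTaskScheduler entries were listed at all, which is what a successful cleanup should show.
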
Response Number 5
Name: Kenson
Date: March 17, 2007 at 17:29:50 Pacific
Reply:

One more thing, is it alright if I turn my Norton AntiVirus scriptblocking and other real time monitoring programs back on now or should I wait until the system alert problem is fixed? Thanks



Response Number 6
Name: jabuck
Date: March 17, 2007 at 17:49:58 Pacific
Reply:

You have more problems than just the alert popups so there is a lot to do.

Make sure Norton's script blocking is turned off.

Next, please reboot your computer in Safe Mode by doing the following :

Restart your computer

After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;

Instead of Windows loading as normal, a menu with options should appear;

Select the first option, to run Windows in Safe Mode, then press "Enter".

Choose your usual account.

Once in Safe Mode, open the "SmitfraudFix" folder again and double-click "smitfraudfix.cmd"
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing " Y " and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if "wininet.dll " is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing "Y" and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.

A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Go to start> control panel> administrative tools> services> scroll down to mnew4win and double click it> click stop> click the drop down arrow on the far right of "startup type"> click disable> apply> ok.

Do the same for these:

Pdfr10utu

Win32 Kernel Update

Please download ATF-Cleaner to your desktop from this link
http://www.atribune.org/content/view/19/2/ We will need it later in safe mode

Download and install AVG Anti-Spyware We will need this later in safe mode

Be sure to update AVG Anti-Spyware

Download Killbox to your desktop from this link Killbox by Option^Explicit. If you already have "Killbox" update to this newer version. We will need it later in safe mode

Next reboot into safe mode again.

Run Hijack This from safe mode, close all windows except Hijack This, place a check to the left of the following items and press "fix checked":

O4 - HKLM\..\Run: [Windows Core Kernel Update] C:\WINDOWS\System32\win32bootcfg.exe

O4 - HKLM\..\Run: [msconfig38] mssvcc.exe

O4 - HKLM\..\Run: [secures23] mssecure.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u

O4 - HKLM\..\RunServices: [msconfig38] mssvcc.exe

O4 - HKLM\..\RunServices: [secures23] mssecure.exe

O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe

O4 - HKCU\..\Run: [Firewall auto setup] C:\DOCUME~1\Daniel\LOCALS~1\Temp\winlogon.exe

O23 - Service: mnew4win - Unknown owner - C:\WINDOWS\system32\mnew4win.exe (file missing)

O23 - Service: Pdfr10utu - Unknown owner - (no file)

O23 - Service: Win32 Kernel Update (Win32Kernel) - Unknown owner - C:\WINDOWS\win32host.exe (file missing)

Exit Hijack this but remain in safe mode.

Run Killbox from safe mode. Please double-click Killbox.exe to run it.
Select:
Delete on Reboot
then Click on the All Files button.
Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

C:\Documents and Settings\Daniel\Local Settings\Temp\winlogon.exe

C:\WINDOWS\System32\win32bootcfg.exe

C:\WINDOWS\System32\mssvcc.exe

C:\WINDOWS\System32\mssecure.exe

C:\WINDOWS\System32\msconfig32.exe

C:\WINDOWS\system32\mnew4win.exe

C:\WINDOWS\win32host.exe

Return to Killbox, go to the File menu, and choose Paste from Clipboard.


Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let us know if you receive this message!).

If your computer does not restart automatically, please restart it manually then reboot into safe mode.

Run ATF-Cleaner from safe mode. Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Empty the restore folder. Go to start> control panel> system> system restore tab> check the box beside "turn off system restore"> apply (takes a minute)> ok. Go back and uncheck the box to turn system restore back on> apply> ok.

In Safe Mode, run AVG Anti-spyware and click on the Scanner tab at the top. Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. Click back to the "Scan" tab and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.

AVG Anti-Spyware will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. AVG Anti-Spyware will display "All actions have been applied" on the right hand side.

Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).

Post the AVG-AntiSpyware report.

Please download Comboscan from this link:

Comboscan


Close all applications and windows.
Double-click on comboscan.exe to run it, and follow the prompts.
When the scan is complete, a text file will open - ComboScan.txt
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of ComboScan.txt in your next post.
A folder, C:\ComboScan, will also open. In it will be another text file, Supplementary.txt.
Please attach Supplementary.txt to your post.

Note: some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so.



Response Number 7
Name: Kenson
Date: March 17, 2007 at 19:15:17 Pacific
Reply:

A few things happened when I tried running the smitfraudfix cleanup. They may be insignificant, but I just thought you should know.

When I got the prompt: "Registry cleaning - Do you want to clean the registry?", a grey window popped up for "Disk Cleanup" and it said it was checking to see how much "space" could be gained from the cleanup or something like that. It had a progress bar showing how far along it was. I figured it wasn't related to smitfraudfix so I canceled the Disk Cleanup box, clicked back on the smitfraud window and continued on to say yes to the Registry cleaning. I was in Safe Mode when this happened and I hadn't started any other programs beside SmitFraud.

Secondly it never gave me the prompt to replace the infected "wininet.dll" file though I'm pretty sure I saw that one at the bottom of one of the previous logs I posted.

It didn't prompt me to restart the computer, but it did bring up the log in notepad. I restarted the computer and am now back in Normal Mode. I noticed the desktop background I had is now replaced with solid blue. Is all of this normal?

Anyway here is my latest SmitFraudFix log:

SmitFraudFix v2.148

Scan done at 18:43:20.65, Sat 03/17/2007
Run from C:\Documents and Settings\Daniel\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{aed6f6a3-183c-488d-9f90-23db99f56e7f}"="apathies"

[HKEY_CLASSES_ROOT\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\InProcServer32]
@="C:\WINDOWS\system32\geplxss.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\InProcServer32]
@="C:\WINDOWS\system32\geplxss.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\geplxss.dll Deleted
C:\DOCUME~1\Daniel\FAVORI~1\Online Security Test.url Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End


Thanks again for all your help. In case something didn't go right with the Registry Cleanup, I'll wait to hear back from you before doing anything further.



Response Number 8
Name: jabuck
Date: March 17, 2007 at 19:39:27 Pacific
Reply:

Something went wrong with the disk cleanup. Click start> my computer> right click "local disk c:"> properties> click "disk cleanup" and let it run until it is finished then restart the computer.

Then restart the computer and let me know if you got the desktop back.



Response Number 9
Name: Kenson
Date: March 17, 2007 at 20:27:09 Pacific
Reply:

I finished the Disk Cleanup successfully and restarted, but the desktop is still a plain blue. Any ideas??

Would it hurt if I just tried setting the desktop background back to the original image I had in "Appearances and Themes" under the control panel?

Let me know your thoughts.

P.S. I'm sticking close to the computer now so I can give you quicker response ;)



Response Number 10
Name: jabuck
Date: March 17, 2007 at 20:38:48 Pacific
Reply:

Set it back then go to start> control panel> display> desktop> customize desktop> web> if there is anything there other than "my current home page" remove it. If that did not help go to this link http://www.geekstogo.com/forum/page-1-t38725-s0.html scroll down to GerryF's second post and download and run the two .reg files.

You may have to join the forum by registering but it doesn't take but a minute.



Response Number 11
Name: Kenson
Date: March 17, 2007 at 20:57:07 Pacific
Reply:

I reapplied my desktop background and that seems to have done the trick. I checked under the Webs tab of Desktop Items and didn't see anything listed there so I'm assuming everything's okay.

Shall I move on to disabling "mnew4win" and the other stuff then post the next log?



Response Number 12
Name: jabuck
Date: March 17, 2007 at 21:06:34 Pacific
Reply:

Yes continue with the virus removal.



Response Number 13
Name: Kenson
Date: March 17, 2007 at 22:46:35 Pacific
Reply:

Okay here's the scoop:


I went into the services section of Administrative Tools and took a look at all the files you mentioned to stop. Each one of them was marked as already stopped and only gave me the option to "Start" them. So I bypassed that step. However I did notice that many of them were set to Manual or Automatic in the drop down list so I made sure to set each of those to "Disabled".

Next when I ran the Hijack scan it only came up with the "O4" HKLMs and none of the "O23" Services. I figured it might have something to do with those being ones related to the files that were already stopped in Administrative Tools. I checked the ones that were there and had them fixed.

I'm now trying to add the path files you recommended to Killbox from the clipboard, but every time I use the "paste from clipboard" function it appears to do nothing. If I directly paste into the path dropdown list it will paste the first of the paths copied, but that's it. I have the "All Files" button selected but it appears it will only let me do one path at a time.

I'm not really sure what to do. What's the best course of action? Should I just delete each path one by one? And if so should I still have "Delete on Reboot" checked?

P.S. Thanks for sticking with me on this jabuck. I do notice a significant improvement on my PC's performance and stability.



Response Number 14
Name: jabuck
Date: March 18, 2007 at 07:00:57 Pacific
Reply:

I don't know what the problem with Killbox is but let's try a different tool.

Please download “Avenger” by swandog46 to your desktop from this link http://swandog46.geekstogo.com/avenger.zip

1. Click on Avenger.zip to open the file
Extract avenger.exe to your desktop

2. Copy all the text contained in the area between the X's below to your Clipboard by highlighting it and pressing (Ctrl+C):
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Files to delete:
C:\Documents and Settings\Daniel\Local Settings\Temp\winlogon.exe

C:\WINDOWS\System32\win32bootcfg.exe

C:\WINDOWS\System32\mssvcc.exe

C:\WINDOWS\System32\mssecure.exe

C:\WINDOWS\System32\msconfig32.exe

C:\WINDOWS\system32\mnew4win.exe

C:\WINDOWS\win32host.exe


XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
3. Now, start The Avenger program by clicking on its icon on your desktop.
Under "Script file to execute" choose "Input Script Manually".
Now click on the Magnifying Glass icon which will open a new window titled "View/edit script"
Paste the text copied to clipboard into this window by pressing (Ctrl+V).
Click Done
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
It will Restart your computer. (In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger's actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please copy/paste the content of c:\avenger.txt into your reply and the other logs please.


0

Response Number 15
Name: Kenson
Date: March 18, 2007 at 10:23:32 Pacific
Reply:

Hi


Here are my results from running Avenger:


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\hdrfkuiv

*******************

Script file located at: \??\C:\xcltkqqq.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\Documents and Settings\Daniel\Local Settings\Temp\winlogon.exe not found!
Deletion of file C:\Documents and Settings\Daniel\Local Settings\Temp\winlogon.exe failed!

Could not process line:
C:\Documents and Settings\Daniel\Local Settings\Temp\winlogon.exe
Status: 0xc0000034

File C:\WINDOWS\System32\win32bootcfg.exe not found!
Deletion of file C:\WINDOWS\System32\win32bootcfg.exe failed!

Could not process line:
C:\WINDOWS\System32\win32bootcfg.exe
Status: 0xc0000034

File C:\WINDOWS\System32\mssvcc.exe not found!
Deletion of file C:\WINDOWS\System32\mssvcc.exe failed!

Could not process line:
C:\WINDOWS\System32\mssvcc.exe
Status: 0xc0000034

File C:\WINDOWS\System32\mssecure.exe not found!
Deletion of file C:\WINDOWS\System32\mssecure.exe failed!

Could not process line:
C:\WINDOWS\System32\mssecure.exe
Status: 0xc0000034

File C:\WINDOWS\System32\msconfig32.exe not found!
Deletion of file C:\WINDOWS\System32\msconfig32.exe failed!

Could not process line:
C:\WINDOWS\System32\msconfig32.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mnew4win.exe not found!
Deletion of file C:\WINDOWS\system32\mnew4win.exe failed!

Could not process line:
C:\WINDOWS\system32\mnew4win.exe
Status: 0xc0000034

File C:\WINDOWS\win32host.exe not found!
Deletion of file C:\WINDOWS\win32host.exe failed!

Could not process line:
C:\WINDOWS\win32host.exe
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.

It seems as if they are no longer on the computer. Unfortunately, that's all I can post for now, I've got to go to work. I'll be back at 8 tonight so don't worry about checking this thread for posts until then. I'll post the other logs when I get back. Talk to you then. Thanks.


0
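One way to triage the Avenger log posted above, as an added example that is not part of the original thread or of The Avenger itself: it reads each `Could not process line:` / `Status:` block and maps the NTSTATUS value to its standard name, so "file was not there" (0xc0000034, STATUS_OBJECT_NAME_NOT_FOUND) is separated from failures where the file may still be on disk. The sample log is constructed from the first two entries above plus one hypothetical entry (`C:\example\locked.exe`) to show the other branch.

```python
import re

# Standard Windows NTSTATUS values that matter when a delete fails.
NTSTATUS = {
    0xC0000034: "STATUS_OBJECT_NAME_NOT_FOUND",
    0xC000003A: "STATUS_OBJECT_PATH_NOT_FOUND",
    0xC0000022: "STATUS_ACCESS_DENIED",
    0xC0000043: "STATUS_SHARING_VIOLATION",
}
# Codes meaning the target did not exist when the script ran.
ABSENT = {0xC0000034, 0xC000003A}

STATUS_RE = re.compile(r"^Status:\s*(0x[0-9a-fA-F]{1,8})$")

# Constructed sample: two entries copied from the log in the post, followed by
# one hypothetical entry (C:\example\locked.exe) with a different status.
SAMPLE_LOG = r"""
Beginning to process script file:

File C:\Documents and Settings\Daniel\Local Settings\Temp\winlogon.exe not found!
Deletion of file C:\Documents and Settings\Daniel\Local Settings\Temp\winlogon.exe failed!

Could not process line:
C:\Documents and Settings\Daniel\Local Settings\Temp\winlogon.exe
Status: 0xc0000034

File C:\WINDOWS\System32\win32bootcfg.exe not found!
Deletion of file C:\WINDOWS\System32\win32bootcfg.exe failed!

Could not process line:
C:\WINDOWS\System32\win32bootcfg.exe
Status: 0xc0000034

Could not process line:
C:\example\locked.exe
Status: 0xc0000022

Completed script processing.
"""


def parse_failures(log_text):
    """Return [(script_line, status_or_None)] for every failure block."""
    failures = []
    state, path = 0, None  # 0 = scanning, 1 = expect script line, 2 = expect Status
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "Could not process line:":
            state, path = 1, None
        elif state == 1:
            path, state = line, 2
        elif state == 2:
            match = STATUS_RE.match(line)
            failures.append((path, int(match.group(1), 16) if match else None))
            state = 0
    return failures


def triage(log_text):
    """Bucket failed script lines by what the status code says about the file."""
    report = {"absent": [], "needs_follow_up": [], "unknown": []}
    for path, status in parse_failures(log_text):
        if status is None or status not in NTSTATUS:
            code = "n/a" if status is None else "0x%08x" % status
            report["unknown"].append((path, code, "unrecognised status"))
        elif status in ABSENT:
            report["absent"].append((path, "0x%08x" % status, NTSTATUS[status]))
        else:
            # The object was found but could not be removed: re-scan before
            # treating the machine as clean.
            report["needs_follow_up"].append((path, "0x%08x" % status, NTSTATUS[status]))
    return report


if __name__ == "__main__":
    for bucket, rows in triage(SAMPLE_LOG).items():
        print(bucket)
        for path, code, name in rows:
            print("  %s  %s  %s" % (code, name, path))
```

An "absent" result only says the path did not exist when the script ran; it does not show whether an earlier tool removed the file or the path was never correct, so a follow-up scan is still the confirmation step.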

Response Number 16
Name: Kenson
Date: March 19, 2007 at 00:47:38 Pacific
Reply:

Okay, here's my AVG report:


AVG Anti-Spyware - Scan Report


+ Created at: 12:04:58 AM 3/19/2007

+ Scan result:

C:\WINDOWS\system32\c.bat -> Backdoor.BotGet.FtpA : Cleaned.
C:\WINDOWS\browser.exe -> Hijacker.Small : Cleaned.
:mozilla.65:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.66:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.67:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.68:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.694:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.69:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.70:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq46.tmp -> TrackingCookie.Tacoda : Cleaned.
:mozilla.199:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.200:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq47.tmp -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.624:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.625:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.626:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.627:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.628:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.629:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.630:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.631:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.632:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq48.tmp -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cs5p2sf0.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.6:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cs5p2sf0.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.7:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq49.tmp -> TrackingCookie.Tribalfusion : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4A.tmp -> TrackingCookie.Valueclick : Cleaned.
:mozilla.119:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cs5p2sf0.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.718:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4B.tmp -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.681:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.170:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.171:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.172:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.173:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.174:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.175:C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\y7rudoee.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq20.tmp -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4D.tmp -> TrackingCookie.Zedo : Cleaned.


::Report end

You weren't kidding when you said it might take a while, but man was I surprised. It found all kinds of weird stuff. And I had JUST used my Spybot and Ad-Aware.

Some of the finds were quite alarming. Especially that "Hijacker.Small" file. I've been using this computer for 4 years now. Who knows how long that thing's been hiding!

I'd like to continue using this program in the future in conjunction with my other spyware and anti-virus programs. Does anyone out there know if there is a problem with having multiple anti-spyware programs running their real-time protection simultaneously? Or is it better to choose one for real-time monitoring and keep the others around for manual scanning only? If anyone knowledgeable about the subject knows about conflict between multiple spyware programs, I'd love to hear your suggestions.
Thanks.



Response Number 17
Name: Kenson
Date: March 19, 2007 at 01:20:04 Pacific
Reply:

Here is my "ComboScan.txt" file and "Supplementary.txt" file:

ComboScan v20070306.20 run by Daniel on 2007-03-19 at 00:50:35
Computer is in Normal Mode.
----------------------

-- System Res---------

Successfully created ComboScan Restore Point.


-- Last 2 Restore Point(s) --
2: 2007-03-19 07:50:40 UTC - RP2 - ComboScan Restore Point
1: 2007-03-19 04:22:29 UTC - RP1 - System Checkpoint


Performed disk cleanup.


-- HijackThis (run as Daniel.----------------------

Logfile of HijackThis v1.99.1
Scan saved at 12:50:46 AM, on 3/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\fryhser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Documents and Settings\Daniel\Desktop\comboscan.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\HIJACK~1\Daniel.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [frymxins] frymxins
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe /IMEName
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.exe /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe" /startup
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?lin...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microso...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microso...
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/download...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{60F16BAA-5FF3-498B-9F38-CD56E189E4B8}: NameServer = 68.94.156.1,68.94.157.1
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: FGLRYUTIL (FGLRYUtil) - ATI Technologies, Inc. - C:\WINDOWS\System32\fryhser.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe


-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------

backup-20070317-220020-300 O4 - HKLM\..\RunServices: [secures23] mssecure.exe
backup-20070317-220020-365 O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
backup-20070317-220020-543 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
backup-20070317-220020-632 O4 - HKLM\..\RunServices: [msconfig38] mssvcc.exe
backup-20070317-220020-728 O4 - HKLM\..\Run: [secures23] mssecure.exe
backup-20070317-220020-740 O4 - HKLM\..\Run: [msconfig38] mssvcc.exe
backup-20070317-220020-960 O4 - HKLM\..\Run: [Windows Core Kernel Update] C:\WINDOWS\System32\win32bootcfg.exe
backup-20070317-220020-962 O4 - HKCU\..\Run: [Firewall auto setup] C:\DOCUME~1\Daniel\LOCALS~1\Temp\winlogon.exe
backup-20070317-220020-969 O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe

-- File Associat------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.exe %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.exe %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.exe %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3R aeaudio - C:\WINDOWS\system32\drivers\aeaudio.sys
3R ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
3S atifglry - C:\WINDOWS\system32\drivers\fglrym.sys
1R AVG Anti-Spyware Driver - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
1R Avg7Core (AVG7 Kernel) - C:\WINDOWS\system32\drivers\avg7core.sys
1R Avg7RsW (AVG7 Wrap Driver) - C:\WINDOWS\system32\drivers\avg7rsw.sys
1R Avg7RsXP (AVG7 Resident Driver XP) - C:\WINDOWS\system32\drivers\avg7rsxp.sys
1R AvgAsCln (AVG Anti-Spyware Clean Driver) - C:\WINDOWS\system32\drivers\AvgAsCln.sys
1R AvgClean (AVG7 Clean Driver) - C:\WINDOWS\system32\drivers\avgclean.sys
2R AvgTdi (AVG Network Redirector) - C:\WINDOWS\system32\drivers\avgtdi.sys
3S bvrp_pci - C:\WINDOWS\system32\drivers\bvrp_pci.sys
1R Cdr4_xp - C:\WINDOWS\system32\drivers\cdr4_xp.sys
1R Cdralw2k - C:\WINDOWS\system32\drivers\cdralw2k.sys
1R cdudf_xp - C:\WINDOWS\system32\drivers\cdudf_xp.sys
3R dvd_2K - C:\WINDOWS\system32\drivers\Dvd_2k.sys
3R E1000 (Intel(R) PRO/1000 Network Connection Driver) - C:\WINDOWS\system32\drivers\e1000325.sys
3R FETNDISB (D-Link PCI Fast Ethernet Adapter Driver Service) - C:\WINDOWS\system32\drivers\dlkfet5b.sys
3R GEARAspiWDM - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
3R hidusb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys
3R HSFHWBS2 - C:\WINDOWS\system32\drivers\HSFHWBS2.sys
3R HSF_DP - C:\WINDOWS\system32\drivers\HSF_DP.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys
2R mdmxsdk - C:\WINDOWS\system32\drivers\mdmxsdk.sys
3S mmc_2K - C:\WINDOWS\system32\drivers\Mmc_2k.sys
3R MODEMCSA (Unimodem Streaming Filter Device) - C:\WINDOWS\system32\drivers\MODEMCSA.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys
3S NAVENG - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070314.017\NAVENG.SYS
3S NAVEX15 - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070314.017\NAVEX15.SYS
1R OMCI - C:\WINDOWS\system32\drivers\omci.sys
3S PCTINDIS5 (PCTINDIS5 NDIS Protocol Driver) - C:\WINDOWS\system32\PCTINDIS5.SYS (not found)
0R PenClass (Pen Class) - C:\WINDOWS\system32\drivers\penclass.sys
1R pwd_2k - C:\WINDOWS\system32\drivers\pwd_2K.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\PxHelp20.sys
3S RimSerPort (RIM Virtual Serial Port) - C:\WINDOWS\system32\drivers\RimSerial.sys
3S ROOTMODEM (Microsoft Legacy Modem Driver) - C:\WINDOWS\system32\drivers\rootmdm.sys
3S SAVRT - C:\WINDOWS\system32\drivers\SAVRT.SYS
2R SAVRTPEL - C:\WINDOWS\system32\drivers\SAVRTPEL.SYS
3R smwdm - C:\WINDOWS\system32\drivers\smwdm.sys
0R snapman (Acronis Snapshots Manager) - C:\WINDOWS\system32\drivers\snapman.sys
3R SymEvent - C:\Program Files\Symantec\SYMEVENT.SYS
3R SYMREDRV - C:\WINDOWS\system32\drivers\symredrv.sys
1R SYMTDI - C:\WINDOWS\system32\drivers\symtdi.sys
2R tifsfilter (Acronis True Image FS Filter) - C:\WINDOWS\system32\drivers\tifsfilt.sys
0R timounter (Acronis True Image Backup Archive Explorer) - C:\WINDOWS\system32\drivers\timntr.sys
1R UdfReadr_xp - C:\WINDOWS\system32\drivers\udfreadr_xp.sys
3S usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3S usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\system32\drivers\usbprint.sys
3S usbscan (USB Scanner Driver) - C:\WINDOWS\system32\drivers\usbscan.sys
3S USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\usbstor.sys
3R winachsf - C:\WINDOWS\system32\drivers\HSF_CNXT.sys
4S WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - C:\WINDOWS\system32\drivers\ws2ifsl.sys
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys
3R YMIDUSB (YAMAHA Corporation USB MIDI Driver) - C:\WINDOWS\system32\drivers\ymidusb.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

2R AcrSch2Svc (Acronis Scheduler2 Service) - "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe"
3S Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
2R Ati HotKey Poller - C:\WINDOWS\system32\Ati2evxx.exe
2R AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
2R Avg7Alrt (AVG7 Alert Manager Server) - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
2R Avg7UpdSvc (AVG7 Update Service) - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
2R AVGEMS (AVG E-mail Scanner) - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
2R CCALib8 (Canon Camera Access Library 8) - C:\Program Files\Canon\CAL\CALMAIN.exe
2R ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
3S ccPwdSvc (Symantec Password Validation Service) - "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
2R FGLRYUtil - C:\WINDOWS\System32\fryhser.exe
3S IDriverT (InstallDriver Table Manager) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
3R iPodService - C:\Program Files\iPod\bin\iPodService.exe
4S mnew4win - C:\WINDOWS\system32\mnew4win.exe -s
3S navapsvc (Norton AntiVirus Auto Protect Service) - "C:\Program Files\Norton AntiVirus\navapsvc.exe"
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.exe"
4S Pdfr10utu -
2S SBService (ScriptBlocking Service) - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
3S SNDSrvc (Symantec Network Drivers Service) - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
2R SymWSC (SymWMI Service) - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
2R TabletService - C:\WINDOWS\system32\Tablet.exe
4S Win32Kernel (Win32 Kernel Update) - "C:\WINDOWS\win32host.exe"


-- Scheduled T--------

2007-03-19 00:18:51 414 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job<SYMANT~1.JOB>
2007-03-16 20:51:42 466 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job<NORTON~1.JOB>


-- Files created between 2007-02-19 and 20---------

2007-03-18 22:00:18 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-03-18 10:17:31 0 d-------- C:\avenger
2007-03-18 10:12:08 0 dr-h----- C:\$VAULT$.AVG
2007-03-17 22:01:51 0 d-------- C:\!KillBox
2007-03-17 21:32:53 0 d-------- C:\Documents and Settings\Daniel\Application Data\AVG7
2007-03-17 21:32:41 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-03-17 21:32:39 4960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2007-03-17 21:32:39 19392 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2007-03-17 21:32:39 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2007-03-17 21:32:37 27776 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2007-03-17 21:32:37 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2007-03-17 21:32:35 775680 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2007-03-17 21:32:31 0 d-------- C:\Program Files\Grisoft
2007-03-17 21:32:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-03-17 21:32:31 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-03-17 17:06:22 5792 --a------ C:\WINDOWS\system32\tmp.reg
2007-03-17 03:04:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2007-03-16 20:36:22 0 d-------- C:\I386
2007-03-16 14:10:16 0 d-------- C:\WINDOWS\pss
2007-03-15 03:49:24 0 d-------- C:\Program Files\Meridian Advance<MERIDI~1>
2007-03-14 22:49:14 0 d-------- C:\Documents and Settings\Daniel\Application Data\Lavasoft
2007-03-14 22:48:58 0 d-------- C:\Program Files\Lavasoft
2007-03-14 04:20:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
2007-03-05 02:06:24 0 d-------- C:\Program Files\Apophysis 2.0<APOPHY~1.0>
2007-03-02 22:29:22 0 d-------- C:\Program Files\Blender Foundation<BLENDE~1>
2007-02-27 01:07:28 0 d-------- C:\Program Files\Neat Image<NEATIM~1>
2007-02-26 02:01:20 0 d-------- C:\WINDOWS\ie7updates<IE7UPD~1>


-- Find3M Re----------

2007-03-19 00:19:03 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-03-19 00:18:24 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-03-19 00:16:03 337 --a------ C:\WINDOWS\system32\tablet.dat
2007-03-14 22:47:19 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-03-12 20:40:12 0 d-------- C:\Program Files\Winamp
2007-03-07 02:34:14 0 d-------- C:\Documents and Settings\Daniel\Application Data\Adobe
2007-02-08 07:24:57 0 d-------- C:\Program Files\Sayz Me<SAYZME~1>
2007-01-30 19:51:05 0 d-------- C:\Program Files\Celtx
2007-01-30 19:51:02 0 d-------- C:\Documents and Settings\Daniel\Application Data\Greyfirst<GREYFI~1>
2007-01-29 19:30:12 0 d-------- C:\Program Files\Movie Magic Screenwriter Demo<MOVIEM~2>
2007-01-29 19:15:15 0 d-------- C:\Documents and Settings\Daniel\Application Data\Final Draft<FINALD~1>
2007-01-29 19:13:33 0 d---s---- C:\Documents and Settings\Daniel\Application Data\Microsoft<MICROS~1>
2007-01-29 19:13:29 0 d-------- C:\Program Files\Final Draft Tagger<FINALD~2>
2007-01-29 19:13:29 0 d-------- C:\Program Files\Final Draft 7<FINALD~1>
2007-01-29 19:11:29 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-01-29 01:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-12 10:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 10:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 10:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 10:27:42 6054400 -----n--- C:\WINDOWS\system32\ieframe.dll
2007-01-08 20:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 20:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 20:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 20:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 20:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 20:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 20:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 20:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 20:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 20:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 20:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 19:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 19:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-19 14:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 11:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll


-- Registry ----------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Registry Cleaner Scheduler"="\"C:\\Program Files\\CleanMyPC\\Registry Cleaner\\RCScheduler.exe\" /startup"
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"frymxins"="frymxins"
"BJCFD"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
"YBrowser"="C:\\PROGRA~1\\Yahoo!\\browser\\ybrwicon.exe"
"Motive SmartBridge"="C:\\PROGRA~1\\SBCSEL~1\\SMARTB~1\\MotiveSB.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"ccRegVfy"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\System32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\System32\\IME\\TINTLGNT\\TINTSETP.exe /SYNC"
"PHIME2002A"="C:\\WINDOWS\\System32\\IME\\TINTLGNT\\TINTSETP.exe /IMEName"
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"EPSON Stylus CX6600 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9EA.exe /P26 \"EPSON Stylus CX6600 Series\" /O6 \"USB001\" /M \"Stylus CX6600\""
"YOP"="C:\\PROGRA~1\\Yahoo!\\YOP\\yop.exe /autostart"
"AdaptecDirectCD"="\"C:\\Program Files\\Roxio\\Easy CD Creator 5\\DirectCD\\DirectCD.exe\""
"TrueImageMonitor.exe"="C:\\Program Files\\Acronis\\TrueImageHome\\TrueImageMonitor.exe"
"AcronisTimounterMonitor"="C:\\Program Files\\Acronis\\TrueImageHome\\TimounterMonitor.exe"
"Acronis Scheduler2 Service"="\"C:\\Program Files\\Common Files\\Acronis\\Schedule2\\schedhlp.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runservices]
"Compaq32 Service Drivers"="msconfig32.exe"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runservices]
"Compaq32 Service Drivers"="msconfig32.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Compaq32 Service Drivers"="msconfig32.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"Compaq32 Service Drivers"="msconfig32.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

-- End of ComboScan: finished at 2007-03-19 at 00:5

And now the Supplementary text file:

ComboScan v20070306.20 run by Daniel on 2007-03-19 at 00:50:35
Supplementary logfile - please post this as an attachment with your post.
----------------------

-- System Informa-----

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.80GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 2.80GHz
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 1023 MiB / 602.51 MiB
Pagefile Memory (total/avail): 2461.2 MiB / 2105.74 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1990.82 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 111.72 GiB total, 43.63 GiB free.
D: is CDROM (No Media)


-- Security Ce--------

AUOptions is set to notify before install.
Windows Internal Firewall is enabled.

AV: AVG 7.5.446 v7.5.446 (GRISOFT)
AV: Norton AntiVirus v2003 (Symantec Corporation) Disabled


-- Environment Varia--

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Daniel\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=KENSON
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Daniel
LOGONSERVER=\\KENSON
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\backburner 2\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Daniel\LOCALS~1\Temp
TMP=C:\DOCUME~1\Daniel\LOCALS~1\Temp
USERDOMAIN=KENSON
USERNAME=Daniel
USERPROFILE=C:\Documents and Settings\Daniel
windir=C:\WINDOWS


-- User Prof----------

Daniel (admin)
Administrator (admin)


-- Add/Remove Prog----

--> C:\PROGRA~1\SBCSEL~1\CustomUninstall.exe SBC
--> MsiExec.exe /I{0CDCA5CD-C404-41FD-9216-9B4B3D24A7AA}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C1B8CBC-9118-11D7-86D3-00055DF3561E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
530TX+ --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C71A1FD7-EB23-45AA-A9AA-8DFEC0881875}
ABBYY FineReader 5.0 Sprint Plus --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Acronis True Image Home --> MsiExec.exe /X{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.exe -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe After Effects 6.0 --> MsiExec.exe /I{1EC60864-A294-44BF-984A-3E8867D74EA2}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Illustrator CS --> RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe"
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{BC467935-A9A5-4D0F-BD89-94F36CDF0524}
Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Anvil Studio --> C:\WINDOWS\ST5UNST.exe -n "C:\Program Files\Anvil Studio\ST5UNST.LOG"
Apophysis 2.0 --> "C:\Program Files\Apophysis 2.0\uninstall.exe"
ArcSoft Software Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66C8BE35-8BBB-472B-96C7-C7C9A499F988}\Setup.exe" -l0x9
AT&T Yahoo! Applications --> C:\PROGRA~1\Yahoo!\common\uninstall.exe
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI FGL Display Component Uninstall --> fglrydel.exe rundll32.exe syssetup.dll,SetupInfObjectInstallAction DefaultUnInstall 1 C:\WINDOWS\fglrydel.in
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Blender (remove only) --> "C:\Program Files\Blender Foundation\Blender\uninstall.exe"
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
Canon Camera Access Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{901F8ED7-13E8-43EF-B738-2FE89B0588EB} /l1033
Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1033
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}
Canon Camera Window DSLR 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7}
Canon Camera Window MC 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}
Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4DBBF091-FACD-422C-B43C-786335BD5398}
Canon PhotoRecord --> MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}
Canon Utilities PhotoStitch 3.1 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}
Canon ZoomBrowser EX (E) --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Celtx (0.9.8) --> C:\Program Files\Celtx\uninstall\uninst.exe
Chipamp --> C:\Program Files\Winamp\uninstall_chipamp.exe
CleanMyPC - Registry Cleaner --> "C:\Program Files\CleanMyPC\Registry Cleaner\unins000.exe"
Conexant D850 56K V.9x DFVc Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.exe -U -Idel200fk.inf
Conexant SmartHSFi V.9x 56K DF PCI Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2702\HXFSETUP.exe -U -IDel8d8xk.INF
D-Link PCI Fast Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $D-Link
Data Lifeguard Tools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}\Setup.exe"
Dell ResourceCD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
EPSON CardMonitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\Setup.exe" -l0x9 uninst
EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x9 -UnInstall
EPSON CX6600 Reference Guide --> C:\Program Files\epson\guide\cx6600_e\uninstall.exe
EPSON PhotoStarter3.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AE704636-ECD0-426C-952E-05B8DABD1949}\Setup.exe" -l0x9 uninst
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.exe /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Smart Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\Setup.exe" -l0x9 Uninstall
EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\Setup.exe" -l0x9 -anything
Final Draft 7 --> MsiExec.exe /I{78D62D17-D970-42DA-B8CF-5E5576293B33}
Hijackthis 1.99.1 --> "C:\Program Files\Hijackthis\unins000.exe"
HijackThis 1.99.1 --> C:\Program Files\Hijackthis\HijackThis.exe /uninstall
Intel(R) PRO Network Connections Drivers --> Prounstl.exe
iTunes --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{59C4F14F-7590-45FC-BE9F-A67AB3590709} /l1033
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.80 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.exe /U
Macromedia Flash Player 8 --> C:\WINDOWS\System32\Macromed\Flash\UninstFl.exe
Meridian Advance (remove only) --> "C:\Program Files\Meridian Advance\uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Basic Edition 2003 --> MsiExec.exe /I{91130409-6000-11D3-8CFE-0150048383C9}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTS.inf, Uninstall
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Movie Magic Screenwriter Demo --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7311892A-5F8E-43EB-A251-87346F0CB2C3}
Mozilla Firefox (1.5.0.10) --> C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.10 (en-US)"
MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
Neat Image v5 Demo (with plug-in) --> "C:\Program Files\Neat Image\unins000.exe"
Nokia Connectivity Adapter Cable DKU-5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1BA3CD5-89DC-4273-8603-A75F33E9B335}\Setup.exe" -l0x9
Norton AntiVirus 2003 --> MsiExec.exe /I{47D5D869-FE57-4F2F-A358-83CFAA7B4968}
Norton WMI Update --> MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
PCFriendly --> C:\Program Files\PCFriendly\inuninst.exe
Pcsx2 0.9.1 Watermoose --> "C:\Program Files\Pcsx2\unins000.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1033
Registry Sweeper Pro --> "C:\Program Files\Registry Sweeper - Pro\unins000.exe"
Sayz Me --> "C:\Program Files\Sayz Me\Uninstall.exe" "C:\Program Files\Sayz Me\install.log"
SBC Self Support Tool --> C:\WINDOWS\Motive\SBC\MCCUninst.exe
ScanToWeb --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe"
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
System Alert Popup --> C:\DOCUME~1\Daniel\LOCALS~1\Temp\laf25.tmp /del
THOMSON mp3PRO Audio Player --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\THOMSON mp3PRO Audio Player\Uninst.isu"
URGE --> MsiExec.exe /I{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AE}
VFDS Ver 1.01 --> "C:\Program Files\VFDS\unins000.exe"
VFDS_Male Ver 1.08a --> "C:\Program Files\VFDS_Male\unins000.exe"
VHS Ver 1.04 --> "C:\Program Files\VHS\unins000.exe"
Wacom Tablet Driver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Wacom\Uninst.isu" -c"C:\WINDOWS\system32\TabUnst.dll"
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"


-- End of ComboScan: finished at 2007-03-19 at 00:5


I think that's the last of them from my end. Let me know what you think after you get a chance to look them through.

Also about all those programs I've downloaded from the links you provided like "ATF-Cleaner" and "Killbox".. Should I just delete them when this is all over?

Thanks,
Kenson


0

Response Number 18
Name: jabuck
Date: March 19, 2007 at 03:53:57 Pacific
Reply:

Go to start > control panel > add/remove programs and scroll down to and delete this program:

System Alert Popup

Go to start > run, then type in the following commands and press "enter" after each entry.

sc delete Pdfr10utu

sc delete Win32Kernel

Then run a comboscan and see if these two are gone from the "services" section.

4S Pdfr10utu -

4S Win32Kernel (Win32 Kernel Update) - "C:\WINDOWS\win32host.exe"

No need to post a new comboscan just let us know.

Your Java is out of date and is probably how you got infected. Download the latest version from http://java.sun.com/javase/downloads/index.jsp

Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".

Click the "Download" button to the right.

Check the box that says: "Accept License Agreement". The page will refresh.

Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

Close any programs you may have running - especially your web browser.

Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java. Check any item with Java Runtime Environment (JRE or J2SE) in the name. It should have the "coffee cup" icon next to it.

Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java version.

Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-1_6_0-windowsi586-p.exe to install the newest version.

You should consider adding "Spywareblaster" to your arsenal of antispyware tools. Just do a Google search for spywareblaster, download it, install it, and update it. It's free and runs in the background, so you don't actually run it, and re-writes malicious script before it can install on your computer. Look for updates weekly as there is no auto-update on the free version.

Only run one antivirus program and one realtime protection program. The av's will conflict as can the rt's and they use a lot of resources.

As for the programs we installed, you might want to keep AVG-Antispyware and run it once a week, and keep ATF-Cleaner; it is a great clean-up tool. You can uninstall the others, navigate to and delete this folder:

C:\!KillBox.


0
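The follow-up check described in the reply above (re-run the scan and confirm the two service entries are gone), as an added example that is not part of the original post: a Python parser for service lines in the layout quoted in the reply. Both sample logs and the `ExampleSvc` entry are constructed, and the field meanings (two-character code, key name, parenthesised display name, image path) are an assumption drawn from the two quoted lines.

```python
import re
from typing import NamedTuple

# Constructed "before" log: the two service lines quoted in the reply plus one
# made-up benign entry (ExampleSvc) and a non-service line that must be ignored.
BEFORE_LOG = r'''
4S Pdfr10utu -
4S Win32Kernel (Win32 Kernel Update) - "C:\WINDOWS\win32host.exe"
2R ExampleSvc (Example Service) - "C:\Program Files\Example\svc.exe"
-- Registry ----------
'''

# Constructed "after" log: what a clean re-scan would look like.
AFTER_LOG = r'''
2R ExampleSvc (Example Service) - "C:\Program Files\Example\svc.exe"
-- Registry ----------
'''

# Assumed layout: <code> <key name> [(<display name>)] - [<image path>]
SERVICE_LINE = re.compile(
    r'^(?P<code>\d[A-Z]|[A-Z]\d)\s+'    # two-character code, e.g. "4S"
    r'(?P<name>\S+)'                    # service key name
    r'(?:\s+\((?P<display>[^)]*)\))?'   # optional display name
    r'\s+-\s*(?P<image>.*)$'            # image path, may be empty
)


class Service(NamedTuple):
    code: str
    name: str
    display: str
    image: str


def parse_services(log_text):
    """Return every line of the log that matches the service-line layout."""
    services = []
    for line in log_text.splitlines():
        m = SERVICE_LINE.match(line.strip())
        if m:
            services.append(Service(m['code'], m['name'], m['display'] or '',
                                    m['image'].strip().strip('"')))
    return services


def find_targets(log_text, targets):
    """Match targets against key name or display name, case-insensitively."""
    wanted = {t.lower() for t in targets}
    return [s for s in parse_services(log_text)
            if s.name.lower() in wanted or s.display.lower() in wanted]


def remaining_targets(log_text, targets):
    """Key names of targeted services that still appear in the log."""
    return [s.name for s in find_targets(log_text, targets)]


def delete_commands(log_text, targets):
    """sc.exe addresses a service by its key name, not its display name,
    so a target given as a display name is resolved to the key name first."""
    return [f'sc delete {s.name}' for s in find_targets(log_text, targets)]


if __name__ == '__main__':
    targets = ['Pdfr10utu', 'Win32 Kernel Update']
    print('before:', remaining_targets(BEFORE_LOG, targets))
    print('commands:', delete_commands(BEFORE_LOG, targets))
    print('after:', remaining_targets(AFTER_LOG, targets))
```

An empty list from `remaining_targets` on the new log is the "gone from the services section" result the reply asks for.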

Response Number 19
Name: Kenson
Date: March 19, 2007 at 13:01:08 Pacific
Reply:

Well I ran comboscan after deleting those two files in the run command, but now the scan only covers the following listings:

Running processes

Files created between

Find3M Report

and Registry Dump

I tried restarting my computer and trying the scan again, but it was the same downsized listing. Also it doesn't produce a supplementary.txt anymore. Is that okay?

I don't know if this has any relevance, but when I went to remove System Alert Popup from the programs list it gave me an error message saying that the program seemed to no longer be installed on my computer and asked me if I would like to remove System Alert Popup from the programs listing. I chose yes.


0

Response Number 20
Name: jabuck
Date: March 19, 2007 at 14:22:29 Pacific
Reply:

Yes that is ok. You can delete these:

Killbox

Comboscan

Avenger

Smitfraudfix

How is the computer operating?


0

Response Number 21
Name: Kenson
Date: March 21, 2007 at 01:19:29 Pacific
Reply:

Well what can I say, not only did you help me get rid of that pesky alert popup, but you even went out of your way to deal with a lot of other system problems I didn't bother to mention.

Pop up's gone and system is running very smoothly, I'm glad to say.

If I hadn't come here I probably would have ended up resorting to wiping everything clean and reinstalling. I really can't thank you enough.

P.S. Thanks for explaining about the AV/R-T conflicts. I changed my setup to have one Anti-Virus with one real-time protection and keep the rest for weekly manual scans to catch whatever's missed. Plus Spyware Blaster ;)


Thank you for all your time.
Take care,
Kenson


0

Response Number 22
Name: jabuck
Date: March 21, 2007 at 03:32:40 Pacific
Reply:

Kenson, glad we could help.


0
