Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Wednesday 22.1.2025 / 18:09
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > sysprotect virus?
Show topics
 
Forums
Forums
sysprotect virus?
  Jump to:
 
Posted Message
meganm
Newbie
_ 		25. August 2006 @ 11:55 _ Link to this message    Send private message to this user   
Hi all! I keep getting popups for "downloading the sysprotect program" There was also a new icon on my desktop the other day, which I believe was SysProtect (I deleted it, so I don't remember exactly). Any help you can give is greatly appreciated - this is a week old computer and I finally just got it updated with all of my programs. I'm crossing my fingers there is a simple solution. Here is my log file:

Logfile of HijackThis v1.99.1
Scan saved at 3:32:34 PM, on 8/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\MATLAB701\webserver\bin\win32\matlabserver.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\??pPatch\w?auclt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Megan Moran\Desktop\HijackThis_v1.99.1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R3 - URLSearchHook: (no name) - {1ADCAB4D-62AA-4A7D-8DAC-1563771CD5CD} - C:\WINDOWS\system32\rll.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1ADCAB4D-62AA-4A7D-8DAC-1563771CD5CD} - C:\WINDOWS\system32\rll.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {773E3A25-8D69-4EEF-BBE4-E60C602C26F3} - C:\WINDOWS\system32\pmnlk.dll
O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll
O3 - Toolbar: Safety Bar - {052b12f7-86fa-4921-8482-26c42316b522} - C:\Program Files\Safety Bar\Safety Bar.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
O4 - HKLM\..\Run: [cf945b12.exe] C:\WINDOWS\system32\cf945b12.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [cf945b12.exe] C:\Documents and Settings\Megan Moran\Local Settings\Application Data\cf945b12.exe
O4 - HKCU\..\Run: [Uaol] "C:\PROGRA~1\COMMON~1\ASKS~1\fast.exe" -vt yazr
O4 - HKCU\..\Run: [Crlhe] C:\WINDOWS\system32\??pPatch\w?auclt.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: pmnlk - C:\WINDOWS\system32\pmnlk.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyg32 - winjyg32.dll (file missing)
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB701\webserver\bin\win32\matlabserver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
[ + quote]
Advertisement
_ 		__
Niobis
Senior Member
_ 		26. August 2006 @ 00:26 _ Link to this message    Send private message to this user   
Go here http://www.atribune.org/ccount/click.php?id=4 download VundoFix.exe to your desktop.

Go here http://free.grisoft.com/doc/1 download Ewdio.
Install and update(do not run, will do in safe mode)

Open VundoFix.exe
Put a check next to Run VundoFix as a task.
Prompt about close adn reopen. Click OK.
After reopen, click Scan for Vundo.
When finish, click Remove Vundo.
Prompt - remove. Click OK.
Your desktop will go blank as it starts removal.
Prompt for shutdown. Click OK.
Restart computer.

Go here http://free.grisoft.com/doc/1 download Ewdio.

Install and update.
Restart your compuer in safe mode(press F8 upon boot, select "Safe Mode" from menu).
Run full scan.
When finished, save log file.
Restart in normal mode.

Post a new HijackThis log along with the Ewdio log.

[ + quote]
Don't be fooled any longer.
http://www.youtube.com/watch?v=BUtbGYgsIu4&feature=related
meganm
Newbie
_ 		26. August 2006 @ 08:20 _ Link to this message    Send private message to this user   
Hi Thanks for your help. I did as you instructed, here is the Hijack This log file:

Logfile of HijackThis v1.99.1
Scan saved at 12:18:59 PM, on 8/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\MATLAB701\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\??pPatch\w?auclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Megan Moran\Desktop\HijackThis_v1.99.1(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R3 - URLSearchHook: (no name) - {1ADCAB4D-62AA-4A7D-8DAC-1563771CD5CD} - C:\WINDOWS\system32\rll.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1ADCAB4D-62AA-4A7D-8DAC-1563771CD5CD} - C:\WINDOWS\system32\rll.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {D6A4E31F-C208-432D-90EA-7F747D2A3E5E} - C:\WINDOWS\system32\pmnlk.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll
O3 - Toolbar: Safety Bar - {052b12f7-86fa-4921-8482-26c42316b522} - C:\Program Files\Safety Bar\Safety Bar.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
O4 - HKLM\..\Run: [cf945b12.exe] C:\WINDOWS\system32\cf945b12.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [cf945b12.exe] C:\Documents and Settings\Megan Moran\Local Settings\Application Data\cf945b12.exe
O4 - HKCU\..\Run: [Uaol] "C:\PROGRA~1\COMMON~1\ASKS~1\fast.exe" -vt yazr
O4 - HKCU\..\Run: [Crlhe] C:\WINDOWS\system32\??pPatch\w?auclt.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyg32 - winjyg32.dll (file missing)
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB701\webserver\bin\win32\matlabserver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)


Here is the Ewido log file:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:09:33 PM 8/26/2006

+ Scan result:



C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : No action taken.
C:\Program Files\Safety Bar -> Adware.Generic : No action taken.
C:\Program Files\Safety Bar\Safety Bar.dll -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{052b12f7-86fa-4921-8482-26c42316b522} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{052b12f7-86fa-4921-8482-26c42316b522} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Safety Bar -> Adware.Generic : No action taken.
HKU\S-1-5-21-2950273736-3773990564-3759124101-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : No action taken.
HKU\S-1-5-21-2950273736-3773990564-3759124101-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{873EB32D-AE1A-4183-89BD-45A77F761BE4} -> Adware.Generic : No action taken.
C:\WINDOWS\system32\rll.dll -> Adware.PurityScan : No action taken.
C:\Program Files\SpyQuake2.com -> Adware.SpywareQuake : No action taken.
C:\Program Files\SpyQuake2.com\ignored.lst -> Adware.SpywareQuake : No action taken.
C:\Program Files\SpyQuake2.com\sq.ini -> Adware.SpywareQuake : No action taken.
C:\Program Files\ToolBar888 -> Adware.ToolBar888 : No action taken.
C:\Program Files\ToolBar888\Activate.exe -> Adware.ToolBar888 : No action taken.
C:\Program Files\ToolBar888\Uninst.exe -> Adware.ToolBar888 : No action taken.
C:\Documents and Settings\Megan Moran\Local Settings\Temporary Internet Files\Content.IE5\G9ENOD6N\anti4[1].exe -> Adware.Virtumonde : No action taken.
C:\VundoFix Backups\ssqqqnl.dll -> Adware.Virtumonde : No action taken.
C:\WINDOWS\g598265.dll -> Downloader.Delf.aeo : No action taken.
C:\Program Files\Softwin\BitDefender8\Quarantine\win37.tmp.exe -> Downloader.Obfuscated.a : No action taken.
C:\Program Files\Softwin\BitDefender8\Quarantine\fast.exe -> Downloader.PurityScan.da : No action taken.
C:\Program Files\Softwin\BitDefender8\Quarantine\ishost.exe -> Downloader.Zlob.agf : No action taken.
C:\Program Files\Softwin\BitDefender8\Quarantine\ismon.exe -> Downloader.Zlob.agf : No action taken.
C:\Program Files\Softwin\BitDefender8\Quarantine\issearch.exe -> Downloader.Zlob.agl : No action taken.
:mozilla.105:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.113:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.114:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.115:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.116:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.184:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.300:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.440:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.198:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.7search : No action taken.
:mozilla.199:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.7search : No action taken.
:mozilla.213:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.214:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.123:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.124:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.125:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.126:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.127:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.60:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.62:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.63:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.64:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.65:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.61:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.355:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.154:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Burstbeacon : No action taken.
:mozilla.151:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.155:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.156:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.95:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.96:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.97:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.98:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.99:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.173:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.188:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.53:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.256:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.208:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.209:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.210:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.211:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.212:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@as-us.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
:mozilla.77:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.78:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.79:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.80:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.82:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.319:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.397:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.265:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.266:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.268:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.308:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.373:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.375:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.376:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.378:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.419:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.312:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.313:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.314:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.315:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.182:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hotlog : No action taken.
:mozilla.316:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.317:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.318:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.51:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.52:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.128:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.342:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.357:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.358:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.359:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.360:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.231:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.232:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.233:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.461:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.462:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.117:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.118:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.119:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.120:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@edge.ru4[2].txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.250:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.251:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.252:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.253:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.183:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Spylog : No action taken.
:mozilla.279:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.280:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.150:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.152:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.153:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.227:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.22:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.23:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.28:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.29:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.30:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.31:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.32:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.33:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.34:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.48:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.49:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.50:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.327:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.24:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.25:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.26:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.27:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.215:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.216:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.217:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@zedo[2].txt -> TrackingCookie.Zedo : No action taken.
C:\Program Files\Softwin\BitDefender8\Quarantine\Update.exe -> Trojan.Starter.65 : No action taken.


::Report end
[ + quote]
Niobis
Senior Member
_ 		26. August 2006 @ 19:17 _ Link to this message    Send private message to this user   
Well, first thing you have to do is rescan with Ewdio. :( You didn't apply any actions.

Restart in safe mode.
Run Ewido.
When finish, set all items to delete and click "Apply All Actions".
Restart in normal mode.

Then, go to Add/Remove programs. Locate ViewPoint Tool Bar (or similar) and remove!

Then, download KillBox here http://www.downloads.subratam.org/KillBox.zip

Note: Print these instructions as you will be in safe mode.

Restart your computer in safe mode.
Open Killbox.exe.
Check "Standard File Kill".
In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file.
You will be prompted to confirm, click Yes.

C:\WINDOWS\system32\rll.dll

C:\Program Files\BAE\BAE.dll

C:\WINDOWS\system32\pmnlk.dll

C:\WINDOWS\system32\ixt0.dll

There are alot of things that need to be fixed but, let's get those first.

Post back with a new HijackThis log and the new Ewdio log.
[ + quote]
Don't be fooled any longer.
http://www.youtube.com/watch?v=BUtbGYgsIu4&feature=related
meganm
Newbie
_ 		26. August 2006 @ 20:53 _ Link to this message    Send private message to this user   
whoops, sorry about that! I reran Ewdio and took action this time! When I ran killbox, after I hit the red button and confirmed, a window popped up saying that these files didn't seem to exist:

C:\WINDOWS\system32\rll.dll
C:\WINDOWS\system32\pmnlk.dll
C:\WINDOWS\system32\ixt0.dll

It delted this file: C:\Program Files\BAE\BAE.dll

Thanks again for all of your help! I can't believe I screwed my computer up this much.


Here are the scans from Ewdio and Hijack this:

Ewdio:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:36:11 AM 8/27/2006

+ Scan result:



C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : Cleaned with backup (quarantined).
C:\Program Files\Safety Bar -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{052b12f7-86fa-4921-8482-26c42316b522} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{052b12f7-86fa-4921-8482-26c42316b522} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Safety Bar -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-2950273736-3773990564-3759124101-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-2950273736-3773990564-3759124101-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{873EB32D-AE1A-4183-89BD-45A77F761BE4} -> Adware.Generic : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com\ignored.lst -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com\sq.ini -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888 -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888\Activate.exe -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888\Uninst.exe -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Documents and Settings\Megan Moran\Local Settings\Temporary Internet Files\Content.IE5\G9ENOD6N\anti4[1].exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\VundoFix Backups\ssqqqnl.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\g598265.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined).
C:\Program Files\Softwin\BitDefender8\Quarantine\win37.tmp.exe -> Downloader.Obfuscated.a : Cleaned with backup (quarantined).
C:\Program Files\Softwin\BitDefender8\Quarantine\fast.exe -> Downloader.PurityScan.da : Cleaned with backup (quarantined).
C:\Program Files\Softwin\BitDefender8\Quarantine\ishost.exe -> Downloader.Zlob.agf : Cleaned with backup (quarantined).
C:\Program Files\Softwin\BitDefender8\Quarantine\ismon.exe -> Downloader.Zlob.agf : Cleaned with backup (quarantined).
C:\Program Files\Softwin\BitDefender8\Quarantine\issearch.exe -> Downloader.Zlob.agl : Cleaned with backup (quarantined).
:mozilla.112:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.120:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.121:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.123:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.124:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.125:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.126:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.127:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.128:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.129:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.130:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.167:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.353:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.369:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.413:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.528:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.547:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.638:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.559:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.7search : Cleaned.
:mozilla.560:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.7search : Cleaned.
:mozilla.378:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.379:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.380:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.381:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.382:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.383:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.384:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.385:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.386:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.387:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.388:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.389:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.390:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.391:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.392:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.393:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.394:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.395:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.568:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.569:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.302:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.304:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.44:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.45:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.46:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.47:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.48:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.280:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.281:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.282:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.38:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.39:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.40:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.41:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.42:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.63:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.92:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.205:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.204:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.206:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.207:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.513:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.514:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.515:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.516:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.517:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.518:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.536:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.255:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned.
:mozilla.256:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned.
:mozilla.295:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.453:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.303:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned.
:mozilla.305:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned.
:mozilla.306:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned.
:mozilla.307:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned.
:mozilla.308:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned.
:mozilla.49:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.604:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.195:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.196:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.197:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.198:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.199:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.64:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.65:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.66:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.67:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.68:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.652:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.710:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.107:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.108:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.109:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.241:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.441:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.613:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.642:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.691:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.692:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.694:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.729:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.646:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.647:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.648:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.649:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.545:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.290:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Hypertracker : Cleaned.
:mozilla.347:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.348:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.349:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.320:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.321:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.322:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.323:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.333:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.334:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.418:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.419:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.650:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.651:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.102:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.103:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.140:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.141:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.142:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.476:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.170:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.171:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.172:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.173:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.147:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.148:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.149:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.770:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.771:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.472:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.473:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.474:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.475:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.509:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.510:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.511:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.512:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.546:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.250:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.251:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.252:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.253:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.201:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.202:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.203:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.582:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.13:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.14:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.15:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.16:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.17:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.18:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.19:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.20:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.21:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.50:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.51:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.52:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.53:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.143:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.69:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.70:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.71:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.72:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.73:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.75:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.570:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.571:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.572:C:\Documents and Settings\Megan Moran\Application Data\Mozilla\Firefox\Profiles\f0lzr4fs.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Megan Moran\Cookies\megan moran@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Megan Moran\Local Settings\Temporary Internet Files\Content.IE5\SPIZ85QN\UDefender_Installer[1].exe -> Trojan.Fakealert : Cleaned with backup (quarantined).
C:\Program Files\Softwin\BitDefender8\Quarantine\Update.exe -> Trojan.Starter.65 : Cleaned with backup (quarantined).


::Report end

Hijack This:
Logfile of HijackThis v1.99.1
Scan saved at 12:50:23 AM, on 8/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\MATLAB701\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\??pPatch\w?auclt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ePrompter\ePrompter.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Documents and Settings\Megan Moran\Desktop\HijackThis_v1.99.1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R3 - URLSearchHook: (no name) - {1ADCAB4D-62AA-4A7D-8DAC-1563771CD5CD} - C:\WINDOWS\system32\rll.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1ADCAB4D-62AA-4A7D-8DAC-1563771CD5CD} - C:\WINDOWS\system32\rll.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (file missing)
O2 - BHO: (no name) - {D6A4E31F-C208-432D-90EA-7F747D2A3E5E} - C:\WINDOWS\system32\pmnlk.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [cf945b12.exe] C:\WINDOWS\system32\cf945b12.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [cf945b12.exe] C:\Documents and Settings\Megan Moran\Local Settings\Application Data\cf945b12.exe
O4 - HKCU\..\Run: [Uaol] "C:\PROGRA~1\COMMON~1\ASKS~1\fast.exe" -vt yazr
O4 - HKCU\..\Run: [Crlhe] C:\WINDOWS\system32\??pPatch\w?auclt.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyg32 - winjyg32.dll (file missing)
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB701\webserver\bin\win32\matlabserver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
[ + quote]
Niobis
Senior Member
_ 		26. August 2006 @ 21:56 _ Link to this message    Send private message to this user   
That's ok that KillBox said they were missing. HijackThis also said that, was just using caution. :)

Almost finished.

Run a HijackThis "Scan Only" check to fix these.

R3 - URLSearchHook: (no name) - {1ADCAB4D-62AA-4A7D-8DAC-1563771CD5CD} - C:\WINDOWS\system32\rll.dll (file missing)

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: (no name) - {1ADCAB4D-62AA-4A7D-8DAC-1563771CD5CD} - C:\WINDOWS\system32\rll.dll (file missing)

O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll (ONLY if you do not use!)

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (file missing)

O2 - BHO: (no name) - {D6A4E31F-C208-432D-90EA-7F747D2A3E5E} - C:\WINDOWS\system32\pmnlk.dll (file missing)

O4 - HKLM\..\Run: [cf945b12.exe] C:\WINDOWS\system32\cf945b12.exe

O4 - HKCU\..\Run: [cf945b12.exe] C:\Documents and Settings\Megan Moran\Local Settings\Application Data\cf945b12.exe

O20 - Winlogon Notify: winjyg32 - winjyg32.dll (file missing)

O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll (file missing)

Make sure all windows except HijackThis are closed and then click Fix.

Then, restart your computer.

Post a new HijackThis log.
[ + quote]
Don't be fooled any longer.
http://www.youtube.com/watch?v=BUtbGYgsIu4&feature=related

This message has been edited since posting. Last time this message was edited on 26. August 2006 @ 21:57
meganm
Newbie
_ 		27. August 2006 @ 07:09 _ Link to this message    Send private message to this user   
Ok - I did what you said and the new Hijack This log is below. When I started my computer this am I got a blue screen saying Windows didn't start up properly (this was before I did this last thing you instructed). When I restarted everything was fine.

Are there any programs that you suggest I get or remove from my computer so I can avoid this in the future? I am using Bitedefender as my anti-virus - how do you feel about this program? Is there a better one?

Thanksk again for everything!

Logfile of HijackThis v1.99.1
Scan saved at 11:05:16 AM, on 8/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\MATLAB701\webserver\bin\win32\matlabserver.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\??pPatch\w?auclt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Documents and Settings\Megan Moran\Desktop\HijackThis_v1.99.1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [Uaol] "C:\PROGRA~1\COMMON~1\ASKS~1\fast.exe" -vt yazr
O4 - HKCU\..\Run: [Crlhe] C:\WINDOWS\system32\??pPatch\w?auclt.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB701\webserver\bin\win32\matlabserver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
[ + quote]
meganm
Newbie
_ 		28. August 2006 @ 19:25 _ Link to this message    Send private message to this user   
My Anti-Virus program, Bitdefender, did a scan tonight and I've pasted the log below. It says there is still a trojan and that it can't move or disinfect it. Any suggestions?

Thanks!

Infected files : 2
Warnings : 0
Suspect files : 0
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 0
Renamed files : 0
I/O errors : 31
Scan time : 01:19:37
Scan speed (files/sec) : 143

Virus definitions : 451233
Scan plugins : 13
Archive plugins : 39
Unpack plugins : 5
Mail plugins : 6
System plugins : 1

Scan options

Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Scan options
[ ] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: schedule.log
[ ] Append to existing report

Summary:

C:\Documents and Settings\Megan Moran\Desktop\old laptop back - go through\Jump Drive\NSLC Emails.pst=>[Subject: Hello][From: vinayfmt@iitr.ernet.in]=>gntduk.pif Infected Win32.Worm.Mytob.AC
C:\Documents and Settings\Megan Moran\Desktop\old laptop back - go through\Jump Drive\NSLC Emails.pst=>[Subject: Hello][From: vinayfmt@iitr.ernet.in]=>gntduk.pif Disinfection failed
C:\Documents and Settings\Megan Moran\Desktop\old laptop back - go through\Jump Drive\NSLC Emails.pst=>[Subject: Hello][From: vinayfmt@iitr.ernet.in]=>gntduk.pif Move failed
C:\Documents and Settings\Megan Moran\Local Settings\Temporary Internet Files\Content.IE5\8DEB85AR\wlzip32[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Infected Trojan.Starter.V
C:\Documents and Settings\Megan Moran\Local Settings\Temporary Internet Files\Content.IE5\8DEB85AR\wlzip32[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Disinfection failed
C:\Documents and Settings\Megan Moran\Local Settings\Temporary Internet Files\Content.IE5\8DEB85AR\wlzip32[1].exe=>(NSIS o)=>lzma_solid_nsis0003 Move failed
[ + quote]
Advertisement
_ 		__
 
_
Niobis
Senior Member
_ 		30. August 2006 @ 01:18 _ Link to this message    Send private message to this user   
Windows Malicious Antivirus will rid Mytob. It can be downloaded here http://www.microsoft.com/security/malwareremove/default.mspx

Note: your Windows has to be legit in order to download.

As for Trojan.Starter.V, Spybot Search and Destroy will rid it. Get it here http://www.safer-networking.org/en/download/

Run Spybot in safe mode.

After that, rescan with BitDefender.
[ + quote]
Don't be fooled any longer.
http://www.youtube.com/watch?v=BUtbGYgsIu4&feature=related
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > sysprotect virus?
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork