|
Windows Explorer keeps crashing
|
|
|
Wyrda
Newbie
|
16. September 2006 @ 17:45 |
Link to this message
|
|
I found the file thats been causing Windows Explorer, however when ever I try to delete the file the explorer automatically crashes. Ive tried running ati-virus programs, but they frezze whenever they scan the file.
|
|
Advertisement
|
|
|
|
|
maca1
Senior Member
|
16. September 2006 @ 17:57 |
Link to this message
|
Download HijackThis
Do a sytem scan and save a logfile
copy/paste the log here
|
|
Wyrda
Newbie
|
17. September 2006 @ 03:41 |
Link to this message
|
Logfile of HijackThis v1.99.1
Scan saved at 7:38:47 AM, on 09/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\Opera\Opera.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Paul Nauman\Desktop\HijackThis_v1.99.1.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assistant/...=&utm_campaign=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.accoona.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vgcats.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [df94cf61.exe] C:\WINDOWS\system32\df94cf61.exe
O4 - HKLM\..\Run: [NI.UWA6P_0001_N822M1605] "C:\Documents and Settings\Paul Nauman\Local Settings\Temporary Internet Files\Content.IE5\O1UV8TE3\WinAntiVirusPro2006FreeInstall[1].exe" -nag
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [dmunv.exe] C:\WINDOWS\system32\dmunv.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Belkin Wireless USB Utility.lnk = C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PlexTools Professional.lnk = C:\Program Files\Plextor\PlexTool.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...b?1140187251000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1149288456140
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{507B3355-8052-4535-A92F-1B235D2CC368}: NameServer = 85.255.115.2,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7C4B920-A379-4F38-AFAE-7220D646F9FE}: NameServer = 85.255.115.2,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4079CE4-1C16-452D-9929-E1892075D6C6}: NameServer = 85.255.115.2,85.255.112.6
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.2 85.255.112.6
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.2 85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.2 85.255.112.6
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
|
|
maca1
Senior Member
|
17. September 2006 @ 05:47 |
Link to this message
|
download FixWareout
http://downloads.subratam.org/Fixwareout.exe
Run it. Click Next, then Install, then make sure "Run fixit" is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
When your system reboots, follow the prompts. Afterwards, Hijack This will launch. Close Hijack This, and click OK to proceed. )
Check these with HjT and click Fix checked
O17 - HKLM\System\CCS\Services\Tcpip\..\{507B3355-8052-4535-A92F-1B235D2CC368}: NameServer = 85.255.115.2,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7C4B920-A379-4F38-AFAE-7220D646F9FE}: NameServer = 85.255.115.2,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4079CE4-1C16-452D-9929-E1892075D6C6}: NameServer = 85.255.115.2,85.255.112.6
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.2 85.255.112.6
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.2 85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.2 85.255.112.6
If you have connection problems after this
* Go to Control Panel. - If you are using Windows XP's Category View, select the Network and Internet Connections category. If you are in Classic View, go to the next step .
· Double-click the Network Connections icon
· Right-click the Local Area Connection icon and select Properties.
· Hilight Internet Protocol (TCP/IP) and click the Properties button.
· Be sure Obtain DNS server address automatically is selected.
· OK your way out.
* Go to Start > Run and type in cmd
· Click OK.
· This will open a commad prompt.
· Type or copy and paste the following line in the command window:
ipconfig /flushdns
· Hit Enter
· Exit the command window
Do that before you restart.
Finally, please post the contents of the logfile C:\fixwareout\report.txt, along with a new Hijack This log.
This message has been edited since posting. Last time this message was edited on 17. September 2006 @ 05:49
|
|
Wyrda
Newbie
|
17. September 2006 @ 08:35 |
Link to this message
|
|
That fix it. Thx for the Help,Ill post the report here anyways:
Fixwareout ver 1.003
Last edited 8/11/2006
Post this report in the forums please
Reg Entries that were deleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}76D3F77125A8-F1AA-0434-87C2-4BBE7039{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}8E006B076679-BFBA-A9D4-7015-1A9A1C93{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\vnumd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\1trap
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\2trap
...
Microsoft (R) Windows Script Host Version 5.6
Random Runs removed from HKLM
"dmunv.exe"=-
...
PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
»»»»» Searching by size/names...
* csr.exe C:\WINDOWS\System32\CSPSG.EXE
»»»»»
Search five digit cs, dm and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal
C:\WINDOWS\SYSTEM32\CSPSG.EXE 51,277 2006-07-19
C:\WINDOWS\SYSTEM32\DMUNV.EXE 61,974 2004-08-04
Other suspects.
Directory of C:\WINDOWS\system32
»»»»» Misc files.
»»»»» Checking for older varients covered by the Rem3 tool.
|
|
maca1
Senior Member
|
17. September 2006 @ 09:21 |
Link to this message
|
|
|
|
Wyrda
Newbie
|
17. September 2006 @ 18:58 |
Link to this message
|
Logfile of HijackThis v1.99.1
Scan saved at 10:58:03 PM, on 09/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Program Files\BitLord\BitLord.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Apex\Apex Video Converter Free\ApexVideoConvertFree.exe
C:\Program Files\Google\Web Accelerator\googlewebaccwarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Paul Nauman\Desktop\HijackThis_v1.99.1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vgcats.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NI.UWA6P_0001_N822M1605] "C:\Documents and Settings\Paul Nauman\Local Settings\Temporary Internet Files\Content.IE5\O1UV8TE3\WinAntiVirusPro2006FreeInstall[1].exe" -nag
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
|
|
maca1
Senior Member
|
18. September 2006 @ 04:46 |
Link to this message
|
|
go to Start - My computer
Double click local disk C and create a folder inside called "HJT"
Find your hijack this.exe here:
C:\Documents and Settings\Paul Nauman\Desktop\HijackThis_v1.99.1.exe
right click it and and rename it "scan.exe"
Then move into the folder you have created so it will be this:
C:\HJT\scan.exe
Hijackthis needs a safe folder for backups and
the reason for renaming is because it looks as if you have an infection that is hiding entries
Post a new log from the newly named tool.
This message has been edited since posting. Last time this message was edited on 18. September 2006 @ 04:48
|
|
Wyrda
Newbie
|
18. September 2006 @ 05:08 |
Link to this message
|
Logfile of HijackThis v1.99.1
Scan saved at 9:07:45 AM, on 09/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Program Files\BitLord\BitLord.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Apex\Apex Video Converter Free\ApexVideoConvertFree.exe
C:\Program Files\Google\Web Accelerator\googlewebaccwarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\DllHost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Opera\Opera.exe
C:\HJT\scan.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vgcats.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NI.UWA6P_0001_N822M1605] "C:\Documents and Settings\Paul Nauman\Local Settings\Temporary Internet Files\Content.IE5\O1UV8TE3\WinAntiVirusPro2006FreeInstall[1].exe" -nag
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
|
|
maca1
Senior Member
|
18. September 2006 @ 06:00 |
Link to this message
|
Download Ewido Anti-Spyware http://www.ewido.net/en/download/
· Install and run ewido
· Click Scanner
· select the "Settings" tab.
· Once in the Settings screen click on "Recommended actions" and then select "Delete".
· Select "Automatically generate report after every scan"
· UnSelect "Only if threats were found"
· Click Complete System Scan and the scan will begin.
· When the scan is finished, Set all items to delete
· Click Apply all actions
· Click the Save report button.
· Save the report to your C: Drive
Reboot
Run ActiveScan online virus scan:
http://www.pandasoftware.com/products/activescan.htm
When the scan is finished, save the results from the scan!
Come back here and post a new Hijack This log along with the logs from the Ewido and Panda scans.
This message has been edited since posting. Last time this message was edited on 18. September 2006 @ 06:02
|
|
Wyrda
Newbie
|
18. September 2006 @ 14:10 |
Link to this message
|
Incident Status Location
Adware:adware/securityerror Not disinfected c:\windows\system32\ot.ico
Potentially unwanted tool:application/regclean32 Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Registry Cleaner
Potentially unwanted tool:application/winantivirus2006 Not disinfected hkey_local_machine\software\WinAntiVirus Pro 2006
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.as-eu.falkag.net/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[counter.hitslink.com/]
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.offeroptimizer.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt[.belnk.com/]
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@888[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@adrevolver[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@belnk[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@cassava[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@dist.belnk[2].txt
Spyware:Cookie/Malwarewipe Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@malwarewipe[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@statcounter[2].txt
Spyware:Cookie/SecurityError Not disinfected C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@www.systemuptodate[2].txt
Virus:Trj/Ruins.MB Disinfected C:\WINDOWS\system32\dmunv.exe
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 1:46:50 PM 09/18/2006
+ Scan result:
HKU\S-1-5-21-235113891-561637946-2390752385-1006\Software\Classes\CLSID\{62eb0924-19d2-4226-b4b9-8ad1f70904c1} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-235113891-561637946-2390752385-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{736B5468-BDAD-41BE-92D0-22AE2DDF7BCB} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-235113891-561637946-2390752385-1006_Classes\CLSID\{62eb0924-19d2-4226-b4b9-8ad1f70904c1} -> Adware.Generic : Cleaned.
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned.
HKU\S-1-5-21-235113891-561637946-2390752385-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned.
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned.
C:\WINDOWS\system32\cspsg.exe -> Downloader.Agent.uj : Cleaned.
:mozilla.148:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.149:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.150:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.151:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.152:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.153:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.155:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.156:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.157:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.158:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.159:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.160:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.161:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.162:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.163:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.164:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.165:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.166:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.167:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.168:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.169:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.170:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.171:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.172:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.173:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.322:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.592:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.658:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.679:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.700:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.727:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.758:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.291:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.292:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.293:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.294:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.295:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.296:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.297:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.298:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.222:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.223:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.224:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.468:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.944:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.336:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.557:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.558:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.337:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.242:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.243:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.244:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.248:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.249:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.250:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.251:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.252:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.900:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.901:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.29:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.30:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.32:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.730:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.348:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.876:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.877:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.95:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.100:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.101:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.98:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.99:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.22:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.23:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.24:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.25:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.511:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.807:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.911:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.912:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.340:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.731:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned.
:mozilla.732:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned.
:mozilla.814:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.470:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.471:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.472:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.473:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.370:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.35:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.879:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.219:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.220:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.263:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.264:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.265:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.266:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.267:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.66:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.68:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.70:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.73:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.74:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.75:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.504:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.509:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.512:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.834:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.835:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.92:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.935:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.93:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.94:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.615:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.616:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.617:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.618:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.361:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.51:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.52:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.363:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.364:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.365:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.506:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.507:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.722:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.723:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.913:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.914:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.440:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.14:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.15:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.652:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.653:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.654:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.117:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.118:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.135:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.136:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.137:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.138:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.282:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.283:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.190:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.191:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.192:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.973:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.810:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@ads1.revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.349:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.350:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.351:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.352:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.353:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.354:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.355:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.424:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.425:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.426:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.427:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.428:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.563:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.564:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.565:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.566:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.567:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.568:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.569:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.570:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.571:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.572:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.573:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.574:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.575:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.576:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.577:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.578:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.579:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.580:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.581:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.582:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.253:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.254:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.255:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.256:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.257:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.258:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.867:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.868:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.811:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.360:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.434:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.435:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.436:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.437:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.438:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.102:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.103:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.104:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.221:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.794:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.878:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.194:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.195:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.196:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.197:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.198:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.199:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.200:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.76:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.761:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.762:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.763:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.764:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.765:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.766:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.559:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.560:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.503:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.505:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.374:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.968:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Xhit : Cleaned.
:mozilla.123:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.124:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.125:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.126:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Paul Nauman\Cookies\paul nauman@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.341:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.342:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.343:C:\Documents and Settings\Paul Nauman\Application Data\Mozilla\Firefox\Profiles\2a2saiyt.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned.
C:\WINDOWS\system32\1024\ld2D7.tmp -> Trojan.Small : Cleaned.
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 6:07:21 PM, on 09/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Program Files\Sony\SonicStage\SsAAD.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\Opera\Opera.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Sony\SonicStage\Omgjbox.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SsDbConnection.exe
C:\HJT\scan.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vgcats.com/
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NI.UWA6P_0001_N822M1605] "C:\Documents and Settings\Paul Nauman\Local Settings\Temporary Internet Files\Content.IE5\O1UV8TE3\WinAntiVirusPro2006FreeInstall[1].exe" -nag
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
|
|
maca1
Senior Member
|
18. September 2006 @ 14:46 |
Link to this message
|
rescan with HijackThis and check this, make sure all browser are closed and click Fix checked
O4 - HKLM\..\Run: [NI.UWA6P_0001_N822M1605] "C:\Documents and Settings\Paul Nauman\Local Settings\Temporary Internet Files\Content.IE5\O1UV8TE3\WinAntiVirusPro2006FreeInstall[1].exe" -nag
DownLoad http://www.downloads.subratam.org/KillBox.zip
Copy these instructions to Notepad for safe mode.
Restart your computer into safe mode now. (keep tapping F8 on startup)
Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the X button after you enter each file. It will ask for confimation to delete the file. Click Yes.
Note:
It is possible that Killbox will tell you that one or more files do not
exist. If that happens, just continue on with all the files.
c:\windows\system32\ot.ico
C:\Documents and Settings\Paul Nauman\Local Settings\Temporary Internet Files\Content.IE5\O1UV8TE3
post another HijackThis log
|
|
Wyrda
Newbie
|
19. September 2006 @ 12:56 |
Link to this message
|
Logfile of HijackThis v1.99.1
Scan saved at 4:56:04 PM, on 09/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\Opera\Opera.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\HJT\scan.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vgcats.com/
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NI.UWA6P_0001_N822M1605] "C:\Documents and Settings\Paul Nauman\Local Settings\Temporary Internet Files\Content.IE5\O1UV8TE3\WinAntiVirusPro2006FreeInstall[1].exe" -nag
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
|
|
Advertisement
|
|
|
|
maca1
Senior Member
|
19. September 2006 @ 13:29 |
Link to this message
|
Open Notepad. copy and paste all the text inside the quote box below , Paste into Notepad and save as newfix.reg and save as type "All Files" to your desktop
Quote:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NI.UWA6P_0001_N822M1605"=-
Now double click on newfix.reg on the desktop.When it asks to add to the registry, click yes.
Turn off System Restore:
click Start.
Right-click My Computer, and then click Properties.
On the System Restore tab, check Turn off System Restore
Click Apply and Ok
Turn back on System Restore:
click Start.
Right-click My Computer, and then click Properties.
On the System Restore tab, uncheck Turn off System Restore.
Click Apply and Ok
This will create a new clean restore point.
Let me know if you have any problems after that
This message has been edited since posting. Last time this message was edited on 19. September 2006 @ 13:30
|
