help, i have spyware on my computer

Discussion in 'Windows - Virus and spyware problems' started by caliph, Jun 22, 2006.

  1. caliph

    caliph Guest

    hey everyone i need some help please. okay i have spyware on my computer. i keep getting this yellow triangle sign on the lower-right corner on my xp toolbar(near the clock). it blinks and when i click on it, it takes to a website to fix the spyware on my cpu but doesnt help. Someon hlep me plzz. Thank you

    Heres my ewido log:
    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 1:14:47 PM 6/22/2006

    + Scan result:



    HKLM\SOFTWARE\Classes\CLSID\{736B5468-BDAD-41BE-92D0-22AE2DDF7BCB} -> Adware.Generic : No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{736b5468-bdad-41be-92d0-22ae2ddf7bcb} -> Adware.Generic : No action taken.
    HKU\S-1-5-21-507921405-115176313-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{736B5468-BDAD-41BE-92D0-22AE2DDF7BCB} -> Adware.Generic : No action taken.
    C:\Documents and Settings\All\Cookies\all@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
    :mozilla.201:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.202:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.203:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.204:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.281:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.289:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.318:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.6:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.7:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\All\Cookies\all@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\All\Cookies\all@americanexpress.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\All\Cookies\all@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\All\Cookies\all@millenniumhotels.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\All\Cookies\all@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
    :mozilla.100:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.101:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.126:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.127:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.128:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.129:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.130:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.131:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.132:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.133:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.134:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.209:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.210:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.49:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.98:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.99:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
    :mozilla.222:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
    :mozilla.223:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
    :mozilla.224:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
    :mozilla.225:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
    C:\Documents and Settings\All\Cookies\all@ads.addynamix[1].txt -> TrackingCookie.Addynamix : No action taken.
    C:\Documents and Settings\All\Cookies\all@adjuggler[1].txt -> TrackingCookie.Adjuggler : No action taken.
    C:\Documents and Settings\All\Cookies\all@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : No action taken.
    :mozilla.36:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.37:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.38:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.39:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.575:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.576:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
    C:\Documents and Settings\All\Cookies\all@adrevolver[2].txt -> TrackingCookie.Adrevolver : No action taken.
    C:\Documents and Settings\All\Cookies\all@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : No action taken.
    :mozilla.118:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adserver : No action taken.
    :mozilla.119:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adserver : No action taken.
    C:\Documents and Settings\All\Cookies\all@z1.adserver[1].txt -> TrackingCookie.Adserver : No action taken.
    :mozilla.68:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.73:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
    C:\Documents and Settings\All\Cookies\all@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
    :mozilla.109:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.110:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.168:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.169:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.170:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.171:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.172:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    C:\Documents and Settings\All\Cookies\all@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
    C:\Documents and Settings\All\Local Settings\Temp\Cookies\all@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.11:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
    :mozilla.38:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
    C:\Documents and Settings\Al\Cookies\al@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
    C:\Documents and Settings\All\Cookies\all@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
    :mozilla.194:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Bfast : No action taken.
    C:\Documents and Settings\All\Cookies\all@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
    C:\Documents and Settings\All\Cookies\all@ads.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : No action taken.
    :mozilla.616:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Burstbeacon : No action taken.
    C:\Documents and Settings\All\Cookies\all@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : No action taken.
    :mozilla.107:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.108:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.154:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.155:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.156:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    C:\Documents and Settings\All\Cookies\all@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
    C:\Documents and Settings\All\Cookies\all@www.burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.42:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.43:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.44:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.55:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.56:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.57:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    C:\Documents and Settings\Al\Cookies\al@casalemedia[2].txt -> TrackingCookie.Casalemedia : No action taken.
    C:\Documents and Settings\All\Cookies\all@clickbank[2].txt -> TrackingCookie.Clickbank : No action taken.
    :mozilla.58:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.
    :mozilla.59:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.
    :mozilla.81:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.
    C:\Documents and Settings\All\Cookies\all@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : No action taken.
    :mozilla.124:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Com : No action taken.
    :mozilla.179:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Com : No action taken.
    C:\Documents and Settings\All\Cookies\all@com[1].txt -> TrackingCookie.Com : No action taken.
    :mozilla.299:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
    :mozilla.300:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
    :mozilla.301:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
    :mozilla.199:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Cqcounter : No action taken.
    :mozilla.27:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.89:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    C:\Documents and Settings\Al\Cookies\al@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
    C:\Documents and Settings\All\Cookies\all@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
    C:\Documents and Settings\All\Local Settings\Temp\Cookies\all@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.330:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Esomniture : No action taken.
    C:\Documents and Settings\All\Cookies\all@e-2dj6wjl4qoczwfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
    C:\Documents and Settings\All\Cookies\all@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
    :mozilla.149:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.150:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.151:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.152:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.153:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.157:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.158:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.250:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.251:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.252:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.253:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.254:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.255:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.256:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.257:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    C:\Documents and Settings\All\Cookies\all@as-us.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
    C:\Documents and Settings\All\Cookies\all@as1.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.29:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.30:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.31:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.49:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.50:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.53:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    C:\Documents and Settings\Al\Cookies\al@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.111:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.69:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.70:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.71:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.72:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.86:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.87:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.88:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.90:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.91:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.94:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.586:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
    :mozilla.587:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
    :mozilla.588:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
    C:\Documents and Settings\All\Cookies\all@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : No action taken.
    :mozilla.568:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Masterstats : No action taken.
    :mozilla.47:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
    :mozilla.53:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
    C:\Documents and Settings\All\Cookies\all@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
    :mozilla.432:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Overture : No action taken.
    :mozilla.555:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Overture : No action taken.
    C:\Documents and Settings\All\Cookies\all@data1.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
    C:\Documents and Settings\All\Cookies\all@data2.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
    C:\Documents and Settings\All\Cookies\all@overture[2].txt -> TrackingCookie.Overture : No action taken.
    C:\Documents and Settings\All\Cookies\all@perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
    :mozilla.427:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Paycounter : No action taken.
    :mozilla.226:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.227:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.228:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.229:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.230:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.87:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.88:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.89:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.90:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
    C:\Documents and Settings\All\Cookies\all@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
    :mozilla.441:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Qksrv : No action taken.
    :mozilla.442:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Qksrv : No action taken.
    :mozilla.40:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.41:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.443:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.444:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.445:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.446:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    C:\Documents and Settings\All\Cookies\all@questionmarket[1].txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.111:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
    C:\Documents and Settings\All\Cookies\all@revenue[1].txt -> TrackingCookie.Revenue : No action taken.
    :mozilla.336:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
    :mozilla.337:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
    :mozilla.338:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
    C:\Documents and Settings\All\Cookies\all@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
    :mozilla.60:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.61:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.62:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.63:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    C:\Documents and Settings\All\Cookies\all@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
    C:\Documents and Settings\All\Cookies\all@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.302:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.303:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.304:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.305:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.306:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.307:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.308:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.309:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.310:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.311:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.312:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.313:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.314:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.315:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
    :mozilla.219:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.220:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.221:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    C:\Documents and Settings\All\Cookies\all@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.481:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Spylog : No action taken.
    :mozilla.482:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.64:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    C:\Documents and Settings\All\Cookies\all@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.102:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.103:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.104:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.105:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.106:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.488:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.489:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.490:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.491:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.543:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.544:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
    C:\Documents and Settings\All\Cookies\all@anad.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
    C:\Documents and Settings\All\Cookies\all@anat.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
    C:\Documents and Settings\All\Cookies\all@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
    :mozilla.64:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.65:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.66:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.67:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.68:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.69:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.70:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.71:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.72:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.74:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.75:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.76:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.77:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.78:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.79:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.80:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
    C:\Documents and Settings\All\Cookies\all@trafficmp[1].txt -> TrackingCookie.Trafficmp : No action taken.
    :mozilla.498:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Trafic : No action taken.
    :mozilla.23:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.24:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.25:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.26:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.29:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.39:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.40:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.41:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.42:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.43:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.44:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.46:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    C:\Documents and Settings\All\Cookies\all@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.112:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
    :mozilla.113:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
    :mozilla.114:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
    :mozilla.115:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
    :mozilla.116:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
    :mozilla.117:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
    C:\Documents and Settings\All\Cookies\all@reduxads.valuead[2].txt -> TrackingCookie.Valuead : No action taken.
    C:\Documents and Settings\All\Cookies\all@vdn.valuead[2].txt -> TrackingCookie.Valuead : No action taken.
    :mozilla.102:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.103:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.104:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.105:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.106:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.107:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.108:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.109:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.110:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.45:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.46:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.47:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.48:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    C:\Documents and Settings\All\Cookies\all@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
    C:\Documents and Settings\All\Cookies\all@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.159:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.160:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.161:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.162:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.163:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.164:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.165:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.166:C:\Documents and Settings\All\Application Data\Mozilla\Firefox\Profiles\wweck751.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.55:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.56:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.57:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.58:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.59:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    :mozilla.60:C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\h7v9tc18.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
    C:\Documents and Settings\All\Cookies\all@c2.zedo[1].txt -> TrackingCookie.Zedo : No action taken.
    C:\Documents and Settings\All\Cookies\all@zedo[1].txt -> TrackingCookie.Zedo : No action taken.
    C:\WINDOWS\system32\1024 -> Trojan.Small : No action taken.
    C:\WINDOWS\system32\1024\ld2BC8.tmp -> Trojan.Small : No action taken.
    C:\WINDOWS\system32\1024\ldBD81.tmp -> Trojan.Small : No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\kernel32.dll -> Trojan.Small : No action taken.


    ::Report end







    Heres my Hijack log:
    Logfile of HijackThis v1.99.1
    Scan saved at 12:33:15 PM, on 6/22/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\AIM\aim.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\system32\dcomcfg.exe
    C:\WINDOWS\system32\atmclk.exe
    C:\Program Files\Steam\steam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\All\Desktop\HijackThis.exe

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: VS_IEHlprObj Class - {829CAB51-A4EA-4a15-87B6-4B7D0747939C} - C:\Program Files\Network Associates\VirusScan\bho.dll
    O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBarBHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll
    O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://bltech.webex.com/client/v_mywebex-t20/support/ieatgpc.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FE92002D-7A50-4966-9125-114239D36457}: NameServer = 192.168.0.1
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
     
  2. tapiiri

    tapiiri Regular member

    Joined:
    Jun 11, 2005
    Messages:
    1,142
    Likes Received:
    0
    Trophy Points:
    46
    Hi caliph

    Download SmitfraudFix.zip to your desktop -> http://siri.urz.free.fr/Fix/SmitfraudFix.zip

    Unzip it (folder named SmitFraudFix) to your desktop:

    Open the folder SmitfraudFix and doubleclick smitfraudfix.cmd
    Choose option #1 - Search by typing 1 and pressing "Enter"; a textfile opens and lists the infected files (if those exist)

    Post the contents of this textfile to here.

    (Some antiviruses recognises process.exe as a malware. It is not malware, it is a program that stops processes)

    Send a fresh hijack log and rapport.txt
     
  3. caliph

    caliph Guest

    ok heres the smitfraudfix report:
    SmitFraudFix v2.64

    Scan done at 14:11:42.04, Thu 06/22/2006
    Run from C:\Documents and Settings\All\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix ran in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    C:\WINDOWS\system32\dcomcfg.exe FOUND !
    C:\WINDOWS\system32\hp???.tmp FOUND !
    C:\WINDOWS\system32\hp????.tmp FOUND !
    C:\WINDOWS\system32\ld????.tmp FOUND !
    C:\WINDOWS\system32\ot.ico FOUND !
    C:\WINDOWS\system32\regperf.exe FOUND !
    C:\WINDOWS\system32\stdole3.tlb FOUND !
    C:\WINDOWS\system32\1024\ FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\All\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\All\FAVORI~1

    C:\DOCUME~1\All\FAVORI~1\Antivirus Test Online.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» Desktop

    C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url FOUND !
    C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    C:\Program Files\Security Toolbar\ FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{6af69c4d-420a-4c95-b34f-e4635f84f53b}"="forevouched"

    [HKEY_CLASSES_ROOT\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}\InProcServer32]
    @="C:\WINDOWS\system32\viwpzla.dll"

    [HKEY_CURRENT_USER\Software\Classes\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}\InProcServer32]
    @="C:\WINDOWS\system32\viwpzla.dll"


    »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


    »»»»»»»»»»»»»»»»»»»»»»»» End





    Heres the hijack report:
    Logfile of HijackThis v1.99.1
    Scan saved at 2:13:10 PM, on 6/22/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\dcomcfg.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Steam\steam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\All\Desktop\HijackThis.exe

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: VS_IEHlprObj Class - {829CAB51-A4EA-4a15-87B6-4B7D0747939C} - C:\Program Files\Network Associates\VirusScan\bho.dll
    O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBarBHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll
    O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://bltech.webex.com/client/v_mywebex-t20/support/ieatgpc.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FE92002D-7A50-4966-9125-114239D36457}: NameServer = 192.168.0.1
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

     
  4. tapiiri

    tapiiri Regular member

    Joined:
    Jun 11, 2005
    Messages:
    1,142
    Likes Received:
    0
    Trophy Points:
    46
    Hi ,

    Restart your computer to the safemode and choose your normal user account -> http://www.pchell.com/support/safemode.shtml

    When in safemode, open SmitfraudFix folder and doubleclick the file smitfraudfix.cmd
    Choose option #2 - Clean by typing 2 and pressing "Enter" in order to remove the infected files.

    You are asked: "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove your desktop wallpaper and the infected registry keys.

    The tool checks if wininet.dll file is infected. You might be asked to replace the infected .dll (if found); answer "Yes" by typing Y and press "Enter".

    The tool might have to restart your computer; if it won't do it, restart your computer back to normal mode.
    A textfile will appear after the cleaning process, copy this file and paste it to here.

    Tha log is saved to your local diskdrive, usually C:\rapport.txt.

    Warning : Running option 2 in a clean computer will delete your desktop wallpaper.

    Post a new HjT log and the contents of C:\Rapport.txt
     
  5. caliph

    caliph Guest

    okay heres the simth report:
    SmitFraudFix v2.64

    Scan done at 14:32:35.20, Thu 06/22/2006
    Run from C:\Documents and Settings\All\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix ran in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{6af69c4d-420a-4c95-b34f-e4635f84f53b}"="forevouched"

    [HKEY_CLASSES_ROOT\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}\InProcServer32]
    @="C:\WINDOWS\system32\viwpzla.dll"

    [HKEY_CURRENT_USER\Software\Classes\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}\InProcServer32]
    @="C:\WINDOWS\system32\viwpzla.dll"


    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    C:\WINDOWS\system32\viwpzla.dll -> Missing File


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    C:\WINDOWS\system32\dcomcfg.exe Deleted
    C:\WINDOWS\system32\hp???.tmp Deleted
    C:\WINDOWS\system32\ld????.tmp Deleted
    C:\WINDOWS\system32\ot.ico Deleted
    C:\WINDOWS\system32\regperf.exe Deleted
    C:\WINDOWS\system32\stdole3.tlb Deleted
    C:\WINDOWS\system32\1024\ Deleted
    C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url Deleted
    C:\DOCUME~1\All\FAVORI~1\Antivirus Test Online.url Deleted
    C:\Program Files\Security Toolbar\ Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End






    Heres the hijack report:
    Logfile of HijackThis v1.99.1
    Scan saved at 2:36:44 PM, on 6/22/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\AIM\aim.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\All\Desktop\HijackThis.exe

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: VS_IEHlprObj Class - {829CAB51-A4EA-4a15-87B6-4B7D0747939C} - C:\Program Files\Network Associates\VirusScan\bho.dll
    O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBarBHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://bltech.webex.com/client/v_mywebex-t20/support/ieatgpc.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FE92002D-7A50-4966-9125-114239D36457}: NameServer = 192.168.0.1
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

     
    Last edited by a moderator: Jun 22, 2006
  6. tapiiri

    tapiiri Regular member

    Joined:
    Jun 11, 2005
    Messages:
    1,142
    Likes Received:
    0
    Trophy Points:
    46
    Its look fine now
     
  7. caliph

    caliph Guest

    ok thanks for all your help man!! APPRECIATE IT!!
     
  8. tapiiri

    tapiiri Regular member

    Joined:
    Jun 11, 2005
    Messages:
    1,142
    Likes Received:
    0
    Trophy Points:
    46
    Your welcome
     

Share This Page