INFECTED WITH TROJAN.ADCLICKER (I TRIED EVERYTHING!)
Started by jusdavi, Jun 10 2006 04:48 AM
10 replies to this topic
#1
Posted 10 June 2006 - 04:48 AM
Ok, so I have Norton Internet Securities and XoftSpy. Somehow this trojan got past it all and is impossible to rid my computer of. My Norton keeps saying "c:\windows\win32\users32.exe" has been deleted, etc etc. I went into the registry and all that good stuff and still can't find the source trojan to delete to make it all stop. I have done a thousand system scans; they all come up clean, but yet users32.exe keeps getting pasted in my win32 folder. Here is my HijackThis... please help!
Logfile of HijackThis v1.99.1
Scan saved at 12:47:55 AM, on 6/10/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apache2\Apache2\bin\Apache.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Apache2\Apache2\bin\Apache.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Compaq\EAB\EabServr.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\AOL\1136953971\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Widcomm\Bluetooth Software\BTTray.exe
C:\Apache2\Apache2\bin\ApacheMonitor.exe
C:\Program Files\Widcomm\Bluetooth Software\BTStackServer.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\OdHost.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\WPC54Cfg.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Justin Davis\Local Settings\Temp\Temporary Directory 4 for hijackthis_199.zip\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.bgsu.edu
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: adobepnl.ADOBE_PANEL - {5E8FA924-DEF0-4E71-8A82-A11CA0C1413B} - C:\WINDOWS\System32\adobepnl.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\Compaq\EAB\EabServr.exe /Start
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: titanshield.lnk = C:\Program Files\TitanShield Antispyware\titanshield.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra 'Tools' menuitem: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra button: Royal Vegas ** Game for big ones ** - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MP** Game for big ones **.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: Apache2 - Unknown owner - C:\Apache2\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
#2
Posted 10 June 2006 - 09:49 AM
Hi jusdavi,
Please create a list of programs that can be removed using Add/Remove Programs:
Start HijackThis. Click "Config"->"Misc Tools"->"Open Uninstall Manager"->"Save List".
Save the log to a convenient location, and copy it into this thread.
You need to update Windows and Internet Explorer to get all the latest security patches that protect your computer.
This can be accessed by going to http://windowsupdate.microsoft.com/ and following the prompts. You may need to do this more than once.
If you are using Windows XP and are not on SP-2, do not update to that yet. The update to SP-2 can fail when the system has malware on it. It may even leave your computer unbootable! You can update to SP-1a, though.
Please move HijackThis to another location, preferably c:\Program Files\HijackThis. Anywhere is fine, other than your Desktop or a Temp folder. If HijackThis is in a temporary folder you run the risk of accidentally deleting the backups or it clutters your desktop with all the backups.
If you use Windows XP it might be that you just double clicked on the file HijackThis.exe, but that only extracts the file to a temporary folder. Please select the file and Extract it to a folder.
How do you make a permanent folder:
Click "My Computer", then "C:\" and then on "Program Files".
In the menu bar, "File"->"New"->"Folder".
That will create a folder named "New Folder", which you can rename to "HJT" or "HijackThis".
Now you have "C:\Program Files\HijackThis". Put your HijackThis.exe there.
By the way, XoftSpy has been delisted from Spyware Warrior's Rogue List. Since the program was on it, I recommend uninstalling it and using programs from the trustworthy list, which can be viewed on the same page.
#3
Posted 10 June 2006 - 04:15 PM
OK, so I did everything but download patches for IE and Windows because my computer is in safe mode (I'm on another computer). Unfortunately, I gotta get the one working with all my work and website code and tables on it. Anyways, I put HijackThis in its own folder now (sorry), and ran the uninstall list. Did you not find anything in the HijackThis output I did earlier when I ran it? I also did ewido anti-malware and I have the output of that report, which I will post after the uninstall list. Also, I put on the LATEST hijack log after ewido removed some things.
Adobe Acrobat 5.0
AOL Uninstaller (Choose which Products to Remove)
Apache HTTP Server 2.0.55
ATI Display Driver
CC_ccProxyMSI
CC_ccStart
ccCommon
Compaq Diagnostics for Windows
Compaq Easy Access Buttons 3.00 B3
Compaq Remote Diagnostics Enabling Agent
Easy CD Creator 5 Basic
ewido anti-malware
Full Tilt ** Game for big ones **
HijackThis 1.99.1
HP Deskjet 6500
HP Software Update
InterVideo WinDVD
J2SE Runtime Environment 5.0 Update 6
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Macromedia Flash Player 8
Microsoft .NET Framework 1.1
Microsoft Internet Explorer 6 SP1
Microsoft Office XP Professional with FrontPage
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual Studio .NET Professional 2003 - English
Microsoft XML Parser and SDK
MikesBikes-Advanced
Mozilla Firefox (1.5.0.4)
MSRedist
MySQL Server 5.0
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton WMI Update
Odyssey Client
Pacific ** Game for big ones **
Party** Game for big ones **
PHP 5.1.2
** Game for big ones **Stars
Royal Vegas ** Game for big ones **
SoundMAX
SportsInterAction ** Game for big ones **
SQLyog 5.13
Subversion 1.3.1-r19032
Symantec Script Blocking Installer
Synaptics TouchPad
TortoiseSVN
UBNet
UltimateBet
Viewpoint Media Player
Widcomm Bluetooth Software 1.2.2.4
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB842773
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix (SP2) [See Q329115 for more information]
Wireless-G Notebook Adapter with SpeedBooster
###################################################
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 1:37:45 AM, 6/10/2006
+ Report-Checksum: B1FC671C
+ Scan result:
HKLM\SOFTWARE\Classes\AlxTB.BHO -> Adware.Alexa : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\DailyToolbar.DLL -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\DailyToolbar.IEBand -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\DailyToolbar.SysMgr -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\IEToolbar.AffiliateCtl -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\DailyToolbar -> Adware.DailyToolbar : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup
C:\WINDOWS\SportsInterAction ** Game for big ones ** setup.exe -> Adware.-- Look for another playground -- : Cleaned with backup
C:\WINDOWS\system32\adobepnl.dll -> Not-A-Virus.Hoax.Win32.Renos.dm : Cleaned with backup
C:\WINDOWS\system32\wpupzyfc.tuu -> Hijacker.Small.js : Cleaned with backup
::Report End
###################################################
Logfile of HijackThis v1.99.1
Scan saved at 1:37:11 AM, on 6/10/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.bgsu.edu
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: adobepnl.ADOBE_PANEL - {5E8FA924-DEF0-4E71-8A82-A11CA0C1413B} - C:\WINDOWS\System32\adobepnl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\Compaq\EAB\EabServr.exe /Start
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: titanshield.lnk = C:\Program Files\TitanShield Antispyware\titanshield.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra 'Tools' menuitem: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra button: Royal Vegas ** Game for big ones ** - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MP** Game for big ones **.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: Apache2 - Unknown owner - C:\Apache2\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Adobe Acrobat 5.0
AOL Uninstaller (Choose which Products to Remove)
Apache HTTP Server 2.0.55
ATI Display Driver
CC_ccProxyMSI
CC_ccStart
ccCommon
Compaq Diagnostics for Windows
Compaq Easy Access Buttons 3.00 B3
Compaq Remote Diagnostics Enabling Agent
Easy CD Creator 5 Basic
ewido anti-malware
Full Tilt ** Game for big ones **
HijackThis 1.99.1
HP Deskjet 6500
HP Software Update
InterVideo WinDVD
J2SE Runtime Environment 5.0 Update 6
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Macromedia Flash Player 8
Microsoft .NET Framework 1.1
Microsoft Internet Explorer 6 SP1
Microsoft Office XP Professional with FrontPage
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual Studio .NET Professional 2003 - English
Microsoft XML Parser and SDK
MikesBikes-Advanced
Mozilla Firefox (1.5.0.4)
MSRedist
MySQL Server 5.0
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton WMI Update
Odyssey Client
Pacific ** Game for big ones **
Party** Game for big ones **
PHP 5.1.2
** Game for big ones **Stars
Royal Vegas ** Game for big ones **
SoundMAX
SportsInterAction ** Game for big ones **
SQLyog 5.13
Subversion 1.3.1-r19032
Symantec Script Blocking Installer
Synaptics TouchPad
TortoiseSVN
UBNet
UltimateBet
Viewpoint Media Player
Widcomm Bluetooth Software 1.2.2.4
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB842773
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix (SP2) [See Q329115 for more information]
Wireless-G Notebook Adapter with SpeedBooster
###################################################
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 1:37:45 AM, 6/10/2006
+ Report-Checksum: B1FC671C
+ Scan result:
HKLM\SOFTWARE\Classes\AlxTB.BHO -> Adware.Alexa : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\DailyToolbar.DLL -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\DailyToolbar.IEBand -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\DailyToolbar.SysMgr -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\IEToolbar.AffiliateCtl -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\DailyToolbar -> Adware.DailyToolbar : Cleaned with backup
C:\WINDOWS\SportsInterAction ** Game for big ones ** setup.exe -> Adware.-- Look for another playground -- : Cleaned with backup
C:\WINDOWS\system32\adobepnl.dll -> Not-A-Virus.Hoax.Win32.Renos.dm : Cleaned with backup
C:\WINDOWS\system32\wpupzyfc.tuu -> Hijacker.Small.js : Cleaned with backup
::Report End
###################################################
Logfile of HijackThis v1.99.1
Scan saved at 1:37:11 AM, on 6/10/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.bgsu.edu
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: adobepnl.ADOBE_PANEL - {5E8FA924-DEF0-4E71-8A82-A11CA0C1413B} - C:\WINDOWS\System32\adobepnl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\Compaq\EAB\EabServr.exe /Start
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: titanshield.lnk = C:\Program Files\TitanShield Antispyware\titanshield.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra 'Tools' menuitem: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra button: Royal Vegas ** Game for big ones ** - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MP** Game for big ones **.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: Apache2 - Unknown owner - C:\Apache2\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
#4
Posted 10 June 2006 - 07:37 PM
Ok, I know I need to download patches for IE and Windows. I currently use HijackThis, ewido anti-malware and Norton Internet Security. My problem is that the users32.exe trojan.adclicker file keeps popping up in the windows/win32/... folder whenever I access IE or my computer etc. I've tried going into the registry and everything. I'm on another computer but my computer is in safe mode. I ran ewido anti-malware and got rid of some stuff, then did HijackThis and ran an uninstall list and also a HijackThis report. Can someone help? Look it over, I can't get rid of this bug.
Posted in order:
* HijackThis uninstall list
* ewido anti-malware scan report
* HijackThis report
##############################################
Adobe Acrobat 5.0
AOL Uninstaller (Choose which Products to Remove)
Apache HTTP Server 2.0.55
ATI Display Driver
CC_ccProxyMSI
CC_ccStart
ccCommon
Compaq Diagnostics for Windows
Compaq Easy Access Buttons 3.00 B3
Compaq Remote Diagnostics Enabling Agent
Easy CD Creator 5 Basic
ewido anti-malware
Full Tilt ** Game for big ones **
HijackThis 1.99.1
HP Deskjet 6500
HP Software Update
InterVideo WinDVD
J2SE Runtime Environment 5.0 Update 6
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Macromedia Flash Player 8
Microsoft .NET Framework 1.1
Microsoft Internet Explorer 6 SP1
Microsoft Office XP Professional with FrontPage
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual Studio .NET Professional 2003 - English
Microsoft XML Parser and SDK
MikesBikes-Advanced
Mozilla Firefox (1.5.0.4)
MSRedist
MySQL Server 5.0
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton WMI Update
Odyssey Client
Pacific ** Game for big ones **
Party** Game for big ones **
PHP 5.1.2
** Game for big ones **Stars
Royal Vegas ** Game for big ones **
SoundMAX
SportsInterAction ** Game for big ones **
SQLyog 5.13
Subversion 1.3.1-r19032
Symantec Script Blocking Installer
Synaptics TouchPad
TortoiseSVN
UBNet
UltimateBet
Viewpoint Media Player
Widcomm Bluetooth Software 1.2.2.4
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB842773
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix (SP2) [See Q329115 for more information]
Wireless-G Notebook Adapter with SpeedBooster
###################################################
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 1:37:45 AM, 6/10/2006
+ Report-Checksum: B1FC671C
+ Scan result:
HKLM\SOFTWARE\Classes\AlxTB.BHO -> Adware.Alexa : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\DailyToolbar.DLL -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\DailyToolbar.IEBand -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\DailyToolbar.SysMgr -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\IEToolbar.AffiliateCtl -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\DailyToolbar -> Adware.DailyToolbar : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Enhance : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.270:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.271:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.272:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.273:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.309:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.355:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.366:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.452:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.468:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.470:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.483:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.494:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.542:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.543:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.560:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.580:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.581:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.582:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.599:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.600:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.601:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.610:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.611:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.612:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.613:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.614:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.615:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.616:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.617:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.618:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.619:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.621:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.622:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.623:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.624:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.625:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.626:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.627:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.631:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.636:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.637:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.639:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.682:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.683:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.696:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.703:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.706:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.722:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.723:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.732:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.747:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.748:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.751:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.796:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.797:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
C:\WINDOWS\SportsInterAction ** Game for big ones ** setup.exe -> Adware.-- Look for another playground -- : Cleaned with backup
C:\WINDOWS\system32\adobepnl.dll -> Not-A-Virus.Hoax.Win32.Renos.dm : Cleaned with backup
C:\WINDOWS\system32\wpupzyfc.tuu -> Hijacker.Small.js : Cleaned with backup
::Report End
###################################################
Logfile of HijackThis v1.99.1
Scan saved at 1:37:11 AM, on 6/10/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.bgsu.edu
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: adobepnl.ADOBE_PANEL - {5E8FA924-DEF0-4E71-8A82-A11CA0C1413B} - C:\WINDOWS\System32\adobepnl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\Compaq\EAB\EabServr.exe /Start
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: titanshield.lnk = C:\Program Files\TitanShield Antispyware\titanshield.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra 'Tools' menuitem: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra button: Royal Vegas ** Game for big ones ** - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MP** Game for big ones **.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: Apache2 - Unknown owner - C:\Apache2\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
posted in order is:
*hijackthis uninstall list
*ewido anti-malware scan report
*hijackthis report
##############################################
Adobe Acrobat 5.0
AOL Uninstaller (Choose which Products to Remove)
Apache HTTP Server 2.0.55
ATI Display Driver
CC_ccProxyMSI
CC_ccStart
ccCommon
Compaq Diagnostics for Windows
Compaq Easy Access Buttons 3.00 B3
Compaq Remote Diagnostics Enabling Agent
Easy CD Creator 5 Basic
ewido anti-malware
Full Tilt ** Game for big ones **
HijackThis 1.99.1
HP Deskjet 6500
HP Software Update
InterVideo WinDVD
J2SE Runtime Environment 5.0 Update 6
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Macromedia Flash Player 8
Microsoft .NET Framework 1.1
Microsoft Internet Explorer 6 SP1
Microsoft Office XP Professional with FrontPage
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual Studio .NET Professional 2003 - English
Microsoft XML Parser and SDK
MikesBikes-Advanced
Mozilla Firefox (1.5.0.4)
MSRedist
MySQL Server 5.0
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton WMI Update
Odyssey Client
Pacific ** Game for big ones **
Party** Game for big ones **
PHP 5.1.2
** Game for big ones **Stars
Royal Vegas ** Game for big ones **
SoundMAX
SportsInterAction ** Game for big ones **
SQLyog 5.13
Subversion 1.3.1-r19032
Symantec Script Blocking Installer
Synaptics TouchPad
TortoiseSVN
UBNet
UltimateBet
Viewpoint Media Player
Widcomm Bluetooth Software 1.2.2.4
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB842773
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix (SP2) [See Q329115 for more information]
Wireless-G Notebook Adapter with SpeedBooster
###################################################
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 1:37:45 AM, 6/10/2006
+ Report-Checksum: B1FC671C
+ Scan result:
HKLM\SOFTWARE\Classes\AlxTB.BHO -> Adware.Alexa : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\DailyToolbar.DLL -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\DailyToolbar.IEBand -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\DailyToolbar.SysMgr -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\IEToolbar.AffiliateCtl -> Adware.DailyToolbar : Cleaned with backup
HKLM\SOFTWARE\DailyToolbar -> Adware.DailyToolbar : Cleaned with backup
:mozilla.682:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.683:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.696:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.703:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.706:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.722:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.723:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.732:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.747:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.748:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.751:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.796:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.797:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.798:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.809:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.810:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.828:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.843:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.844:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.845:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.847:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.848:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.849:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.850:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.879:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.903:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.930:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.931:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.932:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.935:C:\Documents and Settings\Justin Davis\Application Data\Mozilla\Firefox\Profiles\n2cvmvb8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Justin Davis\Cookies\justin davis@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup
C:\WINDOWS\SportsInterAction ** Game for big ones ** setup.exe -> Adware.-- Look for another playground -- : Cleaned with backup
C:\WINDOWS\system32\adobepnl.dll -> Not-A-Virus.Hoax.Win32.Renos.dm : Cleaned with backup
C:\WINDOWS\system32\wpupzyfc.tuu -> Hijacker.Small.js : Cleaned with backup
::Report End
###################################################
Logfile of HijackThis v1.99.1
Scan saved at 1:37:11 AM, on 6/10/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.bgsu.edu
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: adobepnl.ADOBE_PANEL - {5E8FA924-DEF0-4E71-8A82-A11CA0C1413B} - C:\WINDOWS\System32\adobepnl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\Compaq\EAB\EabServr.exe /Start
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: titanshield.lnk = C:\Program Files\TitanShield Antispyware\titanshield.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra 'Tools' menuitem: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra button: Royal Vegas ** Game for big ones ** - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MP** Game for big ones **.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: Apache2 - Unknown owner - C:\Apache2\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
#5
Posted 11 June 2006 - 10:01 AM
Hi jusdavi,
QUOTE
Ok, I know I need to download patches for IE and WINDOWS.
The problem is that in this unprotected state a lot of exploits are open to be taken advantage of...
A few things have been taken care of by Ewido, but I want to run the full fix anyway. Something might have been left behind.
Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlog...processutil.htm
#6
Posted 11 June 2006 - 03:46 PM
I think that alexia dll is bad from what I remember, let me know how to get rid of w/e files I need to
thanks a lot,
jd
SmitFraudFix v2.58
Scan done at 2:12:44.74, Sun 06/11/2006
Run from C:\Documents and Settings\Justin Davis\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\alexaie.dll FOUND !
C:\WINDOWS\alxie328.dll FOUND !
C:\WINDOWS\alxtb1.dll FOUND !
C:\WINDOWS\bg.gif FOUND !
C:\WINDOWS\BTGrab.dll FOUND !
C:\WINDOWS\close-bar.gif FOUND !
C:\WINDOWS\dlmax.dll FOUND !
C:\WINDOWS\infected.gif FOUND !
C:\WINDOWS\Pynix.dll FOUND !
C:\WINDOWS\star.gif FOUND !
C:\WINDOWS\warning-bar-ico.gif FOUND !
C:\WINDOWS\ZServ.dll FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\dailytoolbar.dll FOUND !
C:\WINDOWS\system32\jao.dll FOUND !
C:\WINDOWS\system32\questmod.dll FOUND !
C:\WINDOWS\system32\udpmod.dll FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Justin Davis\Application Data
C:\Documents and Settings\Justin Davis\Local Settings\Application Data\TitanShield FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
#7
Posted 12 June 2006 - 09:34 AM
Hi jusdavi,
QUOTE
I think that alexia dll is bad from what I remember, let me know how to get rid of w/e files I need to
Yep... it's bad, but Smitfraudfix will take care of it.
You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.
Next, please reboot your computer in Safe Mode by doing the following :
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
- Instead of Windows loading as normal, a menu with options should appear;
- Select the first option, to run Windows in Safe Mode, then press "Enter".
- Choose your usual account.
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".
The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt
Warning : running option #2 on a non infected computer will remove your Desktop background.
Also post a new log from HijackThis.
#8
Posted 13 June 2006 - 07:04 AM
Alright, hopefully we got everything. It would be great if I know for sure I got everything so I can download IE and Windows updates and get back on track! Let me know and thanks again
hijackfile below
##################################################
Logfile of HijackThis v1.99.1
Scan saved at 4:21:17 PM, on 6/12/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\explorer.exe
C:\Program Files\hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\Compaq\EAB\EabServr.exe /Start
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: titanshield.lnk = C:\Program Files\TitanShield Antispyware\titanshield.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra 'Tools' menuitem: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra button: Royal Vegas ** Game for big ones ** - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MP** Game for big ones **.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: Apache2 - Unknown owner - C:\Apache2\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
#9
Posted 13 June 2006 - 10:22 AM
Hi jusdavi,
You forgot to post the log from SmitfraudFix.
You're running from Safe Mode, please post a log from Normal Mode. Safe Mode doesn't load everything, and what I can't see, I can't fix.
Run HijackThis, click on "Scan" and check the boxes next to all these items.
O4 - Startup: titanshield.lnk = C:\Program Files\TitanShield Antispyware\titanshield.exe
Then close all windows, and browsers, except HijackThis. Tell HijackThis to "Fix checked".
Restart your computer in Safe Mode. How do I Safe Boot my computer?
Show hidden files. How do I show hidden files?
At the end of the fix you can return the files to hidden status if you want.
Delete the following folders in red (it could be that they are deleted already):
C:\Program Files\TitanShield Antispyware
Restart your computer and post a new log in this thread.
#10
Posted 16 June 2006 - 07:48 PM
SORRY IT TOOK SO LONG, HERE IS MY HIJACK FILE NOT IN SAFE MODE. Please check it out and let me know if we got everything! Thanks a lot
hijackthis file
#############################################
Logfile of HijackThis v1.99.1
Scan saved at 3:48:15 PM, on 6/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apache2\Apache2\bin\Apache.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Apache2\Apache2\bin\Apache.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Compaq\EAB\EabServr.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Widcomm\Bluetooth Software\BTTray.exe
C:\Apache2\Apache2\bin\ApacheMonitor.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\OdHost.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\WPC54Cfg.exe
C:\Program Files\Widcomm\Bluetooth Software\BTStackServer.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Documents and Settings\Justin Davis\Desktop\putty.exe
C:\Program Files\SQLyog\SQLyog.exe
C:\Program Files\Common Files\AOL\1136953971\ee\aolsoftware.exe
c:\program files\common files\aol\1136953971\ee\aim6.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bgsu.edu/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\Compaq\EAB\EabServr.exe /Start
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra 'Tools' menuitem: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra button: Royal Vegas ** Game for big ones ** - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MP** Game for big ones **.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Apache2 - Unknown owner - C:\Apache2\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
#11
Posted 17 June 2006 - 09:50 AM
Hi jusdavi,
This log looks clean!
This is a good time to set up protection against further attacks. Read the article behind this link "How did I get infected". If you don't already have them, you need an antivirus that is updated, a good firewall, for example Kerio Personal Firewall or ZoneLabs Zone Alarm, a spyware blocker like SpywareBlaster and also IE-Spyads, and spyware detection (Ad-aware SE and SpyBot S+D). All of these have good free versions available... Be very cautious about any security software that advertises in popups or other intrusive ways; they are not only usually useless, but also often have malware in them....
Instead of Internet Explorer, use a different browser like Opera, Mozilla or Firefox.
Last, but not least, you need to keep Windows and Internet Explorer up to date by getting all the latest security patches that protect your computer.
This can be accessed by going to http://windowsupdate.microsoft.com/ and following the prompts. If you are running Windows XP, get updated to SP-2.
Please post back if you are still having any problems....
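A sketch of the before/after check behind a "log looks clean" verdict, as an added example that is not part of the original thread: it parses two HijackThis logs and reports which entries disappeared, which are new, and which processes only appear outside Safe Mode. The two sample logs are constructed from a few lines of the 6/12 and 6/16 logs posted above, and all function names are illustrative.

```python
import re

# HijackThis section codes: R0-R3, F0-F3, N1-N4 and the numbered O sections.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")

# Constructed sample: a few lines taken from the 6/12 (Safe Mode) log in this thread.
LOG_BEFORE = r"""Logfile of HijackThis v1.99.1
Scan saved at 4:21:17 PM, on 6/12/2006
Running processes:
C:\WINDOWS\explorer.exe
C:\Program Files\hijackthis\HijackThis.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: titanshield.lnk = C:\Program Files\TitanShield Antispyware\titanshield.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
"""

# Constructed sample: a few lines taken from the 6/16 (Normal Mode) log in this thread.
LOG_AFTER = r"""Logfile of HijackThis v1.99.1
Scan saved at 3:48:15 PM, on 6/16/2006
Running processes:
C:\WINDOWS\Explorer.EXE
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bgsu.edu/
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
"""


def parse_log(text):
    """Split a HijackThis log into its running-process list and its section entries."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the first section entry ends the process list
            entries.append((match.group(1), match.group(2)))
        elif line == "Running processes:":
            in_processes = True
        elif in_processes:
            processes.append(line)
    return {"processes": processes, "entries": entries}


def _key(entry):
    # Windows paths are case-insensitive, so compare entries case-folded.
    code, body = entry
    return (code, body.casefold())


def diff_logs(before, after):
    """Report entries removed or added between two parsed logs, plus new processes."""
    old = {_key(e): e for e in before["entries"]}
    new = {_key(e): e for e in after["entries"]}
    removed = [f"{c} - {b}" for k, (c, b) in old.items() if k not in new]
    added = [f"{c} - {b}" for k, (c, b) in new.items() if k not in old]
    seen = {p.casefold() for p in before["processes"]}
    new_processes = [p for p in after["processes"] if p.casefold() not in seen]
    return {"removed": removed, "added": added, "new_processes": new_processes}


def file_missing(log):
    """Entries HijackThis itself marked with '(file missing)'; worth a manual look."""
    return [f"{c} - {b}" for c, b in log["entries"] if b.endswith("(file missing)")]


if __name__ == "__main__":
    before, after = parse_log(LOG_BEFORE), parse_log(LOG_AFTER)
    report = diff_logs(before, after)
    for label in ("removed", "added", "new_processes"):
        print(label.upper())
        for item in report[label]:
            print("  " + item)
    print("FILE MISSING")
    for item in file_missing(after):
        print("  " + item)
```

Entries listed under "added" are not automatically suspicious: a Normal Mode scan legitimately shows more than a Safe Mode one, so each new line still needs a manual review.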