Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/ When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu."
Launch ewido, there should be a big "E" icon on your desktop, double-click it.
The program will prompt you to update; click the "OK" button
The program will now go to the main screen
Update ewido:
You will need to update ewido to the latest definition files.
On the left hand side of the main screen click update
Click on Start
The update will start and a progress bar will show the updates being installed. After the updates are installed, exit ewido.
Do NOT run a scan yet.
Please download Nailfix from here:
http://www.noidea.us/easyfile/file.php?download=20050515010747824 Unzip it to the desktop but please do NOT run it yet.
Reboot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (
and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.
Once in Safe Mode, please double-click on
Nailfix.cmd. Your desktop and icons will disappear and reappear, and a window should open and close very quickly --- this is normal.
When running an Ewido scan no windows or programs should be open!. Do not use the Computer while the Ewido scan is running!
Scan with ewido:
Click on scanner
Click on Settings
Under "How to scan" all boxes should be selected
Under "Possibly unwanted software" all boxes should be selected
Under "What to scan" select scan every file
Click OK
Click on Complete system scan
Let the program scan the machine
If ewido finds anything, it will pop up a notification. NOTE: We have been finding some cases of false positives with the new version of Ewido, so you need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged. In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action. DO NOT check "Perform action with all infections." If you are unsure of an entry, select "none" for the time being. The Helper assisting you will see it in the log that you will post later and they will let you know if ewido needs to be run again.
Save and Post Your Report:
Once the scan has completed, there will be a button located on the bottom of the screen named Save report.
Click Save report
Save the report to your desktop
Exit ewido
Run
HiJackThis and click "
Scan", then check(tick) the following, if present:
Note that some of these file(s) may or may not be present. If present, and cannot be deleted because they're '
in use', try deleting them from "
Safe Mode".
-
Browse to your C:\Windows\Prefetch folder. Delete
all the files in the Prefetch folder, but do not delete the Prefetch folder itself. Empty your Recycle Bin. Run CCleaner
Restart your computer post a new hijackthis log and the Ewido log.
Thank you very much ALgal for your help. Here is my current HijackThis Log:
Logfile of HijackThis v1.99.1 Scan saved at 6:56:26 PM, on 7/26/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
As of now I am still having the same problems I was having before...I am sure I need to delete some of the AdWare and SpyWare listed above. Any assisstance would be appreciated.
ALgal
1.2K Posts
0
July 26th, 2005 13:00
Hello and Welcome Fitzcracker,
Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu."
Launch ewido, there should be a big "E" icon on your desktop, double-click it.
The program will prompt you to update; click the "OK" button
The program will now go to the main screen
Update ewido:
You will need to update ewido to the latest definition files.
On the left hand side of the main screen click update
Click on Start
The update will start and a progress bar will show the updates being installed. After the updates are installed, exit ewido.
Do NOT run a scan yet.
Please download Nailfix from here:
http://www.noidea.us/easyfile/file.php?download=20050515010747824
Unzip it to the desktop but please do NOT run it yet.
Reboot into Safe Mode by hitting the F8 key repeatedly until a menu shows up ( and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.
Once in Safe Mode, please double-click on Nailfix.cmd. Your desktop and icons will disappear and reappear, and a window should open and close very quickly --- this is normal.
When running an Ewido scan no windows or programs should be open!. Do not use the Computer while the Ewido scan is running!
Scan with ewido:
Click on scanner
Click on Settings
Under "How to scan" all boxes should be selected
Under "Possibly unwanted software" all boxes should be selected
Under "What to scan" select scan every file
Click OK
Click on Complete system scan
Let the program scan the machine
If ewido finds anything, it will pop up a notification. NOTE: We have been finding some cases of false positives with the new version of Ewido, so you need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged. In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action. DO NOT check "Perform action with all infections." If you are unsure of an entry, select "none" for the time being. The Helper assisting you will see it in the log that you will post later and they will let you know if ewido needs to be run again.
Save and Post Your Report:
Once the scan has completed, there will be a button located on the bottom of the screen named Save report.
Click Save report
Save the report to your desktop
Exit ewido
Run HiJackThis and click " Scan", then check(tick) the following, if present:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SearchToolbarBHOObject - {12EE7A5E-0674-42f9-A76A-000000004D00} - C:\WINDOWS\System32\stlb2.dll
O3 - Toolbar: Search - {12EE7A5E-0674-42f9-A76B-000000004D00} - C:\WINDOWS\System32\stlb2.dll
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Windows AdStatus] C:\Program Files\Windows AdStatus\WinStat.exe
O4 - HKLM\..\Run: [exp.exe] C:\WINDOWS\System32\exp.exe
O4 - HKLM\..\Run: [AUNPS2] RUNDLL32 AUNPS2.DLL,_Run@16
O4 - HKLM\..\Run: [mscin] C:\WINDOWS\system32\m190309.EXE
O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\System32\wintask.exe
O4 - HKLM\..\Run: [Uninstall_WinTools] C:\WINDOWS\Temp\WTuninst.exe /remove
O4 - HKLM\..\Run: [{12EE7A5E-0674-42f9-A76B-000000004D00}] rundll32.exe stlb2.dll,DllRunMain
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [tzaxfuv] c:\windows\system32\ivnuum.exe r
O4 - HKCU\..\Run: [CasStub] C:\Program Files\CasStub\casstub.exe -run
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: (no name) - {91663649-416A-42A5-8E54-B63C1ECA0548} - C:\Program Files\Surfapps.com\PopThis! Free Version\PopThis.dll
O9 - Extra 'Tools' menuitem: PopThis! Options... - {91663649-416A-42A5-8E54-B63C1ECA0548} - C:\Program Files\Surfapps.com\PopThis! Free Version\PopThis.dll
O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://www.free32.com/POP.CHM::/sp.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/046ec4e348860c...ip/RdxIE601.cab
O16 - DPF: {9076A11F-5EA6-4A67-BDE9-8D3C7C453DAC} - http://www.fizzlewizzle.com/installfiles/powertools.cab
O16 - DPF: {92F02779-6D88-4958-8AD3-83C12A16ADC7} - file://C:\WINDOWS\SYSTEM32\SearchBar\zpprf1sh.exe
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - http://downloads.aaa1screensavers.com/down...eload-mamma.exe
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
Now, with all windows closed except HiJackThis, click " Fix checked".
$fix
Locate and delete the following item(s), if present. Make sure your able to view system and hidden files/ folders:
C:\Program Files\Viewpoint\
C:\Program Files\Surfapps.com\
C:\Program Files\Windows AdStatus\
C:\Program Files\CasStub\
C:\WINDOWS\SYSTEM32\SearchBar\
files...
C:\WINDOWS\System32\wintask.exe
c:\windows\system32\ivnuum.exe
C:\WINDOWS\Nail.exe
C:\WINDOWS\System32\stlb2.dll
C:\documents and settings\shawn fitzgerald\local settings\temp\zMRDrErm.exe
c:\installer\id53.exe
C:\WINDOWS\System32\exp.exe
C:\WINDOWS\system32\m190309.EXE
C:\WINDOWS\Temp\WTuninst.exe
C:\WINDOWS\cfgmgr52.dll
C:\WINDOWS\dinst.exe
C:\WINDOWS\System32\ms.exe
C:\WINDOWS\system32\KDDLA.DLL
C:\WINDOWS\svchost.exe
C:\WINDOWS\System32\angelex.exe
C:\WINDOWS\svcproc.exe
E6F1873B.DLL
...using " Start | Search...".
Browse to your C:\Windows\Prefetch folder. Delete all the files in the Prefetch folder, but do not delete the Prefetch folder itself. Empty your Recycle Bin. Run CCleaner
Restart your computer post a new hijackthis log and the Ewido log.
fitzcracker
10 Posts
0
July 26th, 2005 22:00
Thank you very much ALgal for your help. Here is my current HijackThis Log:
Logfile of HijackThis v1.99.1
Scan saved at 6:56:26 PM, on 7/26/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
c:\windows\system32\hboymh.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\unzipped\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\cfgmgr52.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AuroraHandlerObj Class - {4AA870AC-8427-42a4-B92E-ECD956197489} - C:\WINDOWS\AuroraHandler.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Search - {12EE7A5E-0674-42f9-A76B-000000004D00} - C:\WINDOWS\System32\stlb2.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [owexsjb] c:\windows\system32\hboymh.exe r
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/games/common/ieell.cab
O16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} (ActiveX Control) - http://www.icannnews.com/app/ST/ActiveX.ocx
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinner.com/games/v61/swapit/swapit.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - Winlogon Notify: App Management - C:\WINDOWS\system32\DJCPMON.DLL
O21 - SSODL: SEP - {EE65CE66-8E2E-ADFE-10DB-5ECAA1049D5A} - C:\Program Files\SEP\Uninst.dll (file missing)
O23 - Service: .NET Framework Service (.NET Connection Service) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
fitzcracker
10 Posts
0
July 26th, 2005 22:00
C:\Documents and Settings\Shawn Fitzgerald\Cookies\shawn fitzgerald@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Ignored
C:\Documents and Settings\Shawn Fitzgerald\Cookies\shawn fitzgerald@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Ignored
C:\Documents and Settings\Shawn Fitzgerald\Cookies\shawn fitzgerald@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Ignored
C:\Documents and Settings\Shawn Fitzgerald\Local Settings\Temp\b.com -> TrojanDropper.Agent.pb : Ignored
C:\Documents and Settings\Shawn Fitzgerald\Local Settings\Temp\cfg8.tmpcfgmgr52\bbi2.exe -> TrojanDownloader.Adload.a : Ignored
C:\Documents and Settings\Shawn Fitzgerald\Local Settings\Temporary Internet Files\Content.IE5\OPMB8T27\AppWrap[1].exe -> TrojanDropper.Agent.pb : Ignored
C:\Documents and Settings\Shawn Fitzgerald\Local Settings\Temporary Internet Files\Content.IE5\PYJUZU10\AppWrap[1].exe -> TrojanDropper.Agent.pb : Ignored
C:\Documents and Settings\Shawn Fitzgerald\Local Settings\Temporary Internet Files\Content.IE5\PYJUZU10\AppWrap[2].exe -> TrojanDropper.Agent.pb : Ignored
C:\I386\pcsvcAccess.ocx -> Spyware.Delfin : Ignored
C:\I386\SearchBar.htm -> Spyware.TwainTech : Ignored
C:\I386\Searchx.htm -> Spyware.TwainTech : Ignored
C:\Program Files\Media Access\MediaAccC.dll -> Spyware.WinAD : Ignored
C:\Program Files\Media Access\MediaAccess.exe -> Spyware.WinAD : Ignored
C:\Program Files\Media Access\MediaAccK.exe -> Spyware.WinAD : Ignored
C:\Program Files\Mozilla Firefox\plugins\npzango.dll -> Spyware.WinAD : Ignored
C:\Program Files\mozilla.org\Mozilla\plugins\npzango.dll -> Spyware.WinAD : Ignored
C:\Program Files\WinAce\winace.exe -> Heuristic.Win32.AVKiller : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039404.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039405.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039407.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039408.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039410.exe -> Spyware.Wintol : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039411.dll -> Spyware.Wintools : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039417.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039419.dll -> Spyware.Look2Me : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039426.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039430.dll -> Spyware.Look2Me : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0039433.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0040430.dll -> Spyware.Look2Me : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0040433.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0040440.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0040442.exe -> TrojanDropper.Agent.hl : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP411\A0040447.exe -> Spyware.PurityScan : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040452.exe -> TrojanDownloader.Adload.a : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040455.exe -> TrojanDropper.Agent.hl : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040461.dll -> Spyware.Look2Me : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040462.exe -> Spyware.PurityScan : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040463.exe -> Spyware.PurityScan : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040466.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040471.dll -> Spyware.Look2Me : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040472.exe -> Spyware.PurityScan : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040473.exe -> Spyware.PurityScan : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040475.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040476.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040484.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040506.dll -> TrojanDownloader.Braidupdate.d : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040507.exe -> TrojanDownloader.Small.abd : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040508.exe -> Spyware.BookedSpace : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040509.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040510.exe -> TrojanDownloader.Intexp.c : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040812.dll -> Spyware.WildTangent : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040825.dll -> Spyware.WildTangent : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040835.dll -> Spyware.WildTangent : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0040849.dll -> Spyware.WildTangent : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP412\A0041063.dll -> Spyware.BookedSpace : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0041067.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0041069.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0041076.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0041082.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0041086.exe -> Spyware.PurityScan : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0042092.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0042099.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0042115.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0042119.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0042129.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0042132.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0042133.exe -> Adware.BetterInternet : Ignored
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP413\A0042134.dll -> Adware.BetterInternet : Ignored
C:\WINDOWS\AuroraHandler.dll -> Adware.BetterInternet : Ignored
C:\WINDOWS\cfgmgr52\EECH1.bsx -> Spyware.BookedSpace : Ignored
C:\WINDOWS\cfgmgr52.dll -> Spyware.BookedSpace : Ignored
C:\WINDOWS\icont.exe -> Spyware.AdURL : Ignored
C:\WINDOWS\ru.exe -> Spyware.PurityScan : Ignored
C:\WINDOWS\sqrscji.exe -> Adware.BetterInternet : Ignored
C:\WINDOWS\SYSTEM\UpdInst.exe -> Spyware.Look2Me : Ignored
C:\WINDOWS\SYSTEM32\AUNPS2.dll -> Spyware.Hijacker.Generic : Ignored
C:\WINDOWS\SYSTEM32\eetu.exe -> Spyware.PurityScan : Ignored
C:\WINDOWS\SYSTEM32\guard.tmp -> Spyware.Look2Me : Ignored
C:\WINDOWS\SYSTEM32\in10b6.dll -> Adware.eZula : Ignored
C:\WINDOWS\SYSTEM32\in10b6s.dll -> Adware.eZula : Ignored
C:\WINDOWS\SYSTEM32\instsrv.exe -> Spyware.BargainBuddy : Ignored
C:\WINDOWS\SYSTEM32\kcd101a.dll -> Spyware.Look2Me : Ignored
C:\WINDOWS\SYSTEM32\KDDLA.DLL -> Spyware.Look2Me : Ignored
C:\WINDOWS\SYSTEM32\lwcalui.dll -> Spyware.Look2Me : Ignored
C:\WINDOWS\SYSTEM32\mamma-ss.exe -> TrojanDownloader.Vivia.p : Ignored
C:\WINDOWS\SYSTEM32\mov1_0.dll -> Spyware.Look2Me : Ignored
C:\WINDOWS\SYSTEM32\pcs\pcsvcAccess.ocx -> Spyware.Delfin : Ignored
C:\WINDOWS\SYSTEM32\rejmjzs.exe -> Adware.BetterInternet : Ignored
C:\WINDOWS\SYSTEM32\Searchx.htm -> Spyware.TwainTech : Ignored
C:\WINDOWS\SYSTEM32\SHAgentNew.dll -> Spyware.BargainBuddy : Ignored
C:\WINDOWS\SYSTEM32\stlb2.dll -> TrojanDownloader.Braidupdate.d : Ignored
C:\WINDOWS\SYSTEM32\wintask.exe -> TrojanDownloader.Small.abd : Ignored
C:\WINDOWS\Temp\b.com -> TrojanDropper.Agent.pb : Ignored
C:\WINDOWS\wkblmldpj.exe -> Adware.BetterInternet : Ignored
C:\WINDOWS\xtoklhsf.exe -> Spyware.BookedSpace : Ignored
Report End
As of now I am still having the same problems I was having before...I am sure I need to delete some of the AdWare and SpyWare listed above. Any assisstance would be appreciated.
fitzcracker
10 Posts
0
July 26th, 2005 22:00
Here is my Ewido scan report, I chose to ignore everything found, just tell me what I can delete or cant delete:
+ Created on: 6:15:43 PM, 7/26/2005
+ Report-Checksum: 3C71323B
+ Scan result:
HKLM\SOFTWARE\Classes\AppID\BookedSpace.DLL -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Classes\AppID\SearchHelp.DLL -> Spyware.MidAddle : Ignored
HKLM\SOFTWARE\Classes\AppID\{0DC5CD7C-F653-4417-AA43-D457BE3A9622} -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Classes\BookedSpace.Extension -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Classes\BookedSpace.Extension\CLSID -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Classes\BookedSpace.Extension\CurVer -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Classes\BridgeX.Installer -> Spyware.BlazeFind : Ignored
HKLM\SOFTWARE\Classes\BridgeX.Installer\CLSID -> Spyware.BlazeFind : Ignored
HKLM\SOFTWARE\Classes\CLSID\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9} -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Classes\CLSID\{12EE7A5E-0674-42f9-A76A-000000004D00} -> Spyware.BrowserAid : Ignored
HKLM\SOFTWARE\Classes\CLSID\{12EE7A5E-0674-42f9-A76B-000000004D00} -> Spyware.BrowserAid : Ignored
HKLM\SOFTWARE\Classes\CLSID\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Ignored
HKLM\SOFTWARE\Classes\CLSID\{2342DB04-08CE-4CF6-976D-BD9EFA960EFB} -> Spyware.FizzleBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Ignored
HKLM\SOFTWARE\Classes\CLSID\{417386C3-8D4A-4611-9B91-E57E89D603AC} -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-C0FB-EF60B19DB42E} -> Spyware.ShopNav : Ignored
HKLM\SOFTWARE\Classes\CLSID\{5A5F9339-F6A5-4464-95E3-A00BCA6206E3} -> Spyware.CommonName : Ignored
HKLM\SOFTWARE\Classes\CLSID\{9056A11F-5EA6-4A67-BDE9-8D3C7C453DAC} -> Spyware.FizzleWizzle : Ignored
HKLM\SOFTWARE\Classes\CLSID\{E004800A-73C6-4587-B855-98D0CE0C16B1} -> Spyware.BrowserAid : Ignored
HKLM\SOFTWARE\Classes\Fizzlebar.clsDockWindow -> Spyware.FizzleBar : Ignored
HKLM\SOFTWARE\Classes\Fizzlebar.clsDockWindow\Clsid -> Spyware.FizzleBar : Ignored
HKLM\SOFTWARE\Classes\Fizzlebar.clsFwBar -> Spyware.FizzleBar : Ignored
HKLM\SOFTWARE\Classes\Fizzlebar.clsFwBar\Clsid -> Spyware.FizzleBar : Ignored
HKLM\SOFTWARE\Classes\Interface\{05080E6B-A88A-4CFD-8C3D-9B2557670B6E} -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Classes\Interface\{0F2A4ADC-DABF-4980-8DB4-19F67D7B1F95} -> Spyware.ClearSearch : Ignored
HKLM\SOFTWARE\Classes\Interface\{10D7DB96-56DC-4617-8EAB-EC506ABE6C7E} -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\Interface\{2BB15D36-43BE-4743-A3A0-3308F4B1A610} -> Spyware.Delfin : Ignored
HKLM\SOFTWARE\Classes\Interface\{3116ED38-8599-4261-8F81-F43266FFAAFF} -> Spyware.FizzleBar : Ignored
HKLM\SOFTWARE\Classes\Interface\{36A89C39-DA76-49D6-98F8-0CBEC6B8B352} -> Spyware.FizzleBar : Ignored
HKLM\SOFTWARE\Classes\Interface\{3A951AF0-53F8-4803-A565-0E1DEE4B11F5} -> Spyware.SEP : Ignored
HKLM\SOFTWARE\Classes\Interface\{41700749-A109-4254-AF13-BE54011E8783} -> Spyware.Delfin : Ignored
HKLM\SOFTWARE\Classes\Interface\{4D6CED50-D6AE-40DA-B87F-235593FC1F28} -> Spyware.NavExcel : Ignored
HKLM\SOFTWARE\Classes\Interface\{6CDC3337-01F7-4A79-A4AF-0B19303CC0BE} -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\Interface\{795398D0-DC2F-4118-A69C-592273BA9C2B} -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564E1357} -> Spyware.NaviSearch : Ignored
HKLM\SOFTWARE\Classes\Interface\{96B3B1B9-A510-4603-BD66-2BB2C9F21542} -> Spyware.AdRotator : Ignored
HKLM\SOFTWARE\Classes\Interface\{AA4939C3-DECA-4A48-A454-97CD587C0EF5} -> Spyware.ISTBar : Ignored
HKLM\SOFTWARE\Classes\Interface\{AF286CEA-635D-40C5-A891-B40A0F520539} -> Spyware.SEP : Ignored
HKLM\SOFTWARE\Classes\Interface\{B288F21C-A144-4CA2-9B70-8AFA1FAE4B06} -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED11357} -> Spyware.NaviSearch : Ignored
HKLM\SOFTWARE\Classes\Interface\{E318D698-27B3-44D5-8998-C35EAFB9C034} -> Spyware.MidAddle : Ignored
HKLM\SOFTWARE\Classes\Interface\{EEE4A2E5-9F56-432F-A6ED-F6F625B551E0} -> Dialer.Generic : Ignored
HKLM\SOFTWARE\Classes\PopOops2.PopOops -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\PopOops2.PopOops\Clsid -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\res -> Spyware.WebSearch : Ignored
HKLM\SOFTWARE\Classes\SWLAD1.SWLAD -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\SWLAD1.SWLAD\Clsid -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{0DC5CD7C-F653-4417-AA43-D457BE3A9622} -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{12EE7A5E-0674-42F9-A76C-000000004D00} -> Spyware.BrowserAid : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{209B1CEA-8B2E-4596-9B35-A4A7DB611EB2} -> Spyware.NavExcel : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{2A7DB8D1-43BE-4AD3-A81E-9BB8C9D00073} -> Spyware.Delfin : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{4EB7BBE8-2E15-424B-9DDB-2CDB9516C2E3} -> Spyware.NaviSearch : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{549AD254-492D-42B5-8909-34F14348D4BC} -> Spyware.FizzleBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{D0C29A75-7146-4737-98EE-BC4D7CF44AF9} -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{E0D3B292-A0B0-4640-975C-2F882E039F52} -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{ECB25A48-E6E0-49AF-99AF-07C763E31389} -> Spyware.MidAddle : Ignored
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{10000000-1000-0000-1000-000000000000} -> Spyware.ISTBar : Ignored
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} -> Spyware.BargainBuddy : Ignored
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{12EE7A5E-0674-42f9-A76B-000000004D00} -> Spyware.BrowserAid : Ignored
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{120E090D-9136-4b78-8258-F0B44B4BD2AC} -> Spyware.Maxspeed : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{120E090D-9136-4b78-8258-F0B44B4BD2AC} -> Spyware.Maxspeed : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8F9FBEB8-D216-4d6c-8D21-513157E09C0D} -> Spyware.Maxspeed : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9} -> Spyware.BookedSpace : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12EE7A5E-0674-42f9-A76A-000000004D00} -> Spyware.BrowserAid : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunWindowsUpdate -> Spyware.BrowserAid : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunWindowsUpdate\Active -> Spyware.BrowserAid : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PGate -> Spyware.Delfin : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{120E090D-9136-4b78-8258-F0B44B4BD2AC} -> Spyware.Maxspeed : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8F9FBEB8-D216-4d6c-8D21-513157E09C0D} -> Spyware.Maxspeed : Ignored
HKLM\SOFTWARE\midADdle -> Spyware.MidAddle : Ignored
HKLM\SOFTWARE\msbb -> Spyware.180Solutions : Ignored
HKLM\SOFTWARE\Mvu -> Spyware.Delfin : Ignored
HKLM\SOFTWARE\TopConverting -> Spyware.TopConverting : Ignored
HKLM\SOFTWARE\TopConverting\tetris -> Spyware.TopConverting : Ignored
HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng -> Spyware.BargainBuddy : Ignored
HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng\Security -> Spyware.BargainBuddy : Ignored
HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng\Enum -> Spyware.BargainBuddy : Ignored
HKU\S-1-5-21-2187986342-458199223-861200314-1007\Software\intexp -> Spyware.IEPlugin : Ignored
HKU\S-1-5-21-2187986342-458199223-861200314-1007\Software\margo -> Spyware.AdTomi : Ignored
HKU\S-1-5-21-2187986342-458199223-861200314-1007\Software\margo\symbols -> Spyware.AdTomi : Ignored
HKU\S-1-5-21-2187986342-458199223-861200314-1007\Software\msbb -> Spyware.180Solutions : Ignored
HKU\S-1-5-21-2187986342-458199223-861200314-1007\Software\Pcsv -> Spyware.Delfin : Ignored
HKU\S-1-5-21-2187986342-458199223-861200314-1007\Software\SurfSideKick2 -> Spyware.SurfSide : Ignored
HKU\S-1-5-21-2187986342-458199223-861200314-1007\Software\SurfSideKick2\Internet Explorer -> Spyware.SurfSide : Ignored
HKU\S-1-5-21-2187986342-458199223-861200314-1007\Software\{12EE7A5E-0674-42f9-A76B-000000004D00} -> Spyware.BrowserAid : Ignored
:mozilla.16:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Firefox\Profiles\ykgw37hl.default\cookies.txt -> Spyware.Cookie.Atdmt : Ignored
:mozilla.17:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Firefox\Profiles\ykgw37hl.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.5:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Sixcounter : Ignored
:mozilla.6:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Sixcounter : Ignored
:mozilla.9:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Atdmt : Ignored
:mozilla.10:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Targetnet : Ignored
:mozilla.11:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Targetnet : Ignored
:mozilla.12:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Targetnet : Ignored
:mozilla.15:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.16:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.17:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.18:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.19:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.20:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.23:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.35:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Ignored
:mozilla.36:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.37:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.41:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Ignored
:mozilla.44:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Ignored
:mozilla.45:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Ignored
:mozilla.46:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Ignored
:mozilla.47:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Ignored
:mozilla.48:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Ignored
:mozilla.50:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Ignored
:mozilla.52:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.53:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.54:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.64:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.65:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.68:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Paycounter : Ignored
:mozilla.71:C:\Documents and Settings\Shawn Fitzgerald\Application Data\Mozilla\Profiles\default\5yymer2n.slt\cookies.txt -> Spyware.Cookie.Centrport : Ignored
ALgal
1.2K Posts
0
July 27th, 2005 23:00
Hello fitzcracker,
Please go back and repeat the instructions, only with the Ewido let it delete/remove the files.