i dont understand what you mean by 'selecting 1' - when i run this it just says 'hit any key to continue'. when i do this it just disappears off the screen....
Rather than taking time to figure out why you cannot run SmitfraudFix, we'll try it another way.
Please print these instructions so you can refer to them easily.
Download
smitRem.exe and save the file to your desktop.
Alternate links:
smitRem.exe smitRem.exe Double click on the file to extract it to its own folder on the desktop.
When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido, there should be an icon on your desktop double-click it.
The program will now go to the main screen
You will need to update ewido to the latest definition files.
On the left hand side of the main screen click update
Then click on Start Update
The update will start and a progress bar will show the updates being installed. If you are having problems with the updater, you can use this link to manually update Ewido.
http://download.ewido.net/ewido-signatures-full-current.exe
Do
NOT run a scan yet.
If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Please download
Ad-Aware SE Personal and install it. If you already have Ad-Aware SE, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.
1) Run Ad-Aware, and click
Check for updates now.
2) Select Configurations (click the Gear wheel at the top) as follows:
General Button > Safety & Settings: Check (Green) all three.
Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
Don't run it yet! Exit Ad-aware. Next, please reboot your computer in
SafeMode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.
Run HijackThis, and press "Scan". When the scan is complete place a check mark next to the following entries:
After checking these items CLOSE ALL open windows EXCEPT HijackThis and click "Fix Checked." =================================================== Close Hijackthis.
Then search for and DELETE the following file(s)/folder(s) IF STILL PRESENT: C:\WINDOWS\system32\dcomcfg.exe C:\WINDOWS\system32\atmclk.exe C:\WINDOWS\system32\hp100.tmp
Open Ad-aware and do a full scan. Remove all it finds. ________________________
Run Ewido:
Then select "Settings"
Under the bottom section "What to Scan?" make sure "Scan every file" is checked.
Select "OK" and you will return to scanning options.
Click on Complete System Scan and the scan will begin.
This scan can take quite a while to run, so please be patient .
While the scan is in progress, you will be prompted to clean the first infected file it finds.
Choose Clean.
Then put a check next to 'Perform action on all infections' . Doing this, enables the scan to proceed automatically until its completion. Click OK
When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again. The best place to save it would probably be your Desktop.
Close Ewido Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck " Security Info" or " Desktop Uninstall" if present.
Reboot back into Windows and click the Panda ActiveScan shortcut. - Once you are on the Panda site click the Scan your PC button - A new window will open...click the Check Now button - Enter your Country - Enter your State/Province - Enter your e-mail address and click send - Select either Home User or Company - Click the big Scan Now button - If it wants to install an ActiveX component allow it - It will start downloading the files it requires for the scan (Note: It may take a couple of minutes) - When download is complete, click on Local Disks to start the scan - When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the Panda scan report, along with a new HijackThis Log, the contents of smitfiles.txt and the Ewido Log by using Add Reply.
** NOTE: It could be possible, after reboot that the system is using the windows classic theme again. To restore this and set it back to XP-theme, rightclick on your desktop > properties > tab Appearances and choose Windows XP style again under windows and buttons. Click apply and OK.
I managed to get SmitFraudFix running in the end, by running it from DOS rather than Windows, and it gave me the following report. Does it mean anything to you?
SmitFraudFix v2.58
Scan done at 18:22:20.32, Sun 06/11/2006
Run from C:\Documents and Settings\KAREEM\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\acvgxw.dll FOUND !
C:\WINDOWS\system32\atmclk.exe FOUND !
C:\WINDOWS\system32\dcomcfg.exe FOUND !
C:\WINDOWS\system32\hp???.tmp FOUND !
C:\WINDOWS\system32\hp????.tmp FOUND !
C:\WINDOWS\system32\ld????.tmp FOUND !
C:\WINDOWS\system32\ot.ico FOUND !
C:\WINDOWS\system32\regperf.exe FOUND !
C:\WINDOWS\system32\simpole.tlb FOUND !
C:\WINDOWS\system32\stdole3.tlb FOUND !
C:\WINDOWS\system32\ts.ico FOUND !
C:\WINDOWS\system32\1024\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\KAREEM\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
HKLM\SOFTWARE\WinHound.com FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
Please print out or copy these instructions/tutorial to Notepad as the internet will not be (while in Safe Mode) available to you at certain points of the removal process. Make sure to work through all the Steps in the exact order in which they are listed below. If there's anything that you don't understand, ask your question(s) before moving on with the fixes.
If you have not done so already, please download the trial version of
Ewido Anti-malware 3.5 from here:
http://www.ewido.net/en/download/
Install Ewido Anti-malware.
When installing, under Additional Options uncheck Install background guard and Install scan via context menu.
When you run Ewido for the first time, you could get a warning "Database could not be found!". Click Ok.
The program will prompt you to update. Click the Ok button.
The program will now go to the main screen.
You will need to update Ewido to the latest definition files.
On the left-hand side of the main screen click the Update Button.
Once finished updating, close Ewido.
Make sure to close Ewido before installing the update.
Reboot your computer in
Safe Mode.
* If the computer is running, shut down Windows, and then turn off the power.
* Wait 30 seconds, and then turn the computer on.
* Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
* Ensure that the Safe Mode option is selected.
* Press Enter. The computer then begins to start in Safe mode.
* Login on your usual account.
______________________________
Open the
SmitfraudFix Folder, then double-click
smitfraudfix.cmd file to start the tool.
Select
option #2 - Clean by typing 2 and press Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.
The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.
A reboot may be needed to finish the cleaning process, if your computer does not restart automatically please do it yourself manually. Reboot in Safe Mode.
The tool will create a log named
rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.
______________________________
Clean out your Temporary Internet files. Proceed like this:
* Quit Internet Explorer and quit any instances of Windows Explorer.
* Click Start, click Control Panel, and then double-click Internet Options.
* On the General tab, click Delete Files under Temporary Internet Files.
* In the Delete Files dialog box, tick the Delete all offline content check box , and then click OK.
* On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.
* Click on the Programs tab then click the Reset Web Settings button. Click Apply then OK.
* Click OK.
Next Click Start, click Control Panel and then double-click Display. Click on the Desktop tab, then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there, select that entry and click the Delete button. Click Ok then Apply and Ok.
Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin.
______________________________
Close ALL open Windows / Programs / Folders. Please start
Ewido, and run a full scan.
* Click on Scanner
* Click on Settings
o Under How to scan all boxes should be checked
o Under Unwanted Software all boxes should be checked
o Under What to scan select Scan every file
o Click on Ok
* Click on Complete System Scan to start the scan process.
* Let the program scan the machine.
If Ewido finds anything, it will pop up a notification. When it asks if you want to clean the first file, put a checkmark in the lower left corner of the box that says Perform action on all infections and put a checkmark in the box next to Create encrypted backup, then choose clean and click Ok.
Once the scan has completed, there will be a button located on the bottom of the screen named Save Report.
* Click Save Report button
* Save the report to your Desktop
Close Ewido and Reboot in Normal Mode.
Please post:
1. c:\rapport.txt
2. Ewido log
3. A new HijackThis log
Let me know how things are running.
** If you cannot run SmitfraudFix, just go back and follow the instructions for using SmitRem instead.
also things are running the same as ever im afraid - shutdown message still comes up and programs such as internet explorer and media player dont work....
Logfile of HijackThis v1.99.1
Scan saved at 20:45:01, on 6/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.751:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.754:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.757:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.758:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.767:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.769:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.771:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.775:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.777:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup
:mozilla.778:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup
:mozilla.780:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.781:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.790:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.792:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.793:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.795:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.798:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.799:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.800:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.803:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.9:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.12:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.13:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.14:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.15:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.16:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.18:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.19:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.20:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.21:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.24:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.62:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.63:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.65:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.66:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.67:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.70:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.71:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.72:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.74:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.75:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.76:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.77:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.78:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.79:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.80:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.97:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.98:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.99:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.100:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.101:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.102:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.103:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.104:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.105:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.106:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.111:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.123:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.131:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.132:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.142:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.143:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.144:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.158:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.159:C:\Documents and Settings\METHAM\Applica
bamajim
10.4K Posts
0
June 10th, 2006 16:00
Cool Mo.d
Please go here
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
And Download SmitFraudFix by S!ri
Extract all the archive content to your desktop
Open that file, Ctrl+A to copy, and post a copy of that log as a reply to this thread
Do Not run option 2 until instructed to do so
Thanks bamajim
Training at Malware Removal University
bamajim
10.4K Posts
0
June 10th, 2006 16:00
Cool Mo.d
That happens sometimes, depending on the infection
Download fixpath2 here
Extract all content to your desktop
Double click FIXPATH
Run the program
It will open a DOS window
Answer yes at the prompt
It will self close when completed
then rerun Smitfraudfix
bamajim
Training at Malware Removal University
Cool Mo.d
22 Posts
0
June 10th, 2006 16:00
Cool Mo.d
22 Posts
0
June 10th, 2006 17:00
Cool Mo.d
22 Posts
0
June 10th, 2006 17:00
bamajim
10.4K Posts
0
June 10th, 2006 17:00
Cool Mo.d
Yes, it should have done its job
Try re-running the Smitfraudfix now
bamajim
Training at Malware Removal University
Cool Mo.d
22 Posts
0
June 10th, 2006 17:00
bamajim
10.4K Posts
0
June 10th, 2006 17:00
cool Mo.d
Yes would be correct
bamajim
Training at Malware Removal University
Bugbatter
3 Apprentice
•
20.5K Posts
0
June 11th, 2006 02:00
Rather than taking time to figure out why you cannot run SmitfraudFix, we'll try it another way.
Please print these instructions so you can refer to them easily.
Download smitRem.exe and save the file to your desktop.
Alternate links:
smitRem.exe
smitRem.exe
Double click on the file to extract it to its own folder on the desktop.
Place a shortcut to Panda ActiveScan on your desktop.
Please download ewido security suite trial version.
- Install ewido security suite
- When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
- Launch ewido, there should be an icon on your desktop double-click it.
- The program will now go to the main screen
You will need to update ewido to the latest definition files.- On the left hand side of the main screen click update
- Then click on Start Update
The update will start and a progress bar will show the updates being installed. If you are having problems with the updater, you can use this link to manually update Ewido.http://download.ewido.net/ewido-signatures-full-current.exe
Do NOT run a scan yet.
If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Please download Ad-Aware SE Personal and install it. If you already have Ad-Aware SE, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.
1) Run Ad-Aware, and click Check for updates now.
2) Select Configurations (click the Gear wheel at the top) as follows:
- General Button > Safety & Settings: Check (Green) all three.
- Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
Don't run it yet! Exit Ad-aware.Next, please reboot your computer in SafeMode by doing the following:
Run HijackThis, and press "Scan". When the scan is complete place a check mark next to the following entries:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp
O2 - BHO: Nothing - {6ab7158b-4bff-4160-ad7d-4d622df548cf} - C:\WINDOWS\system32\hp100.tmp
O2 - BHO: Nothing - {f79fd28e-36ee-4989-aa61-9dd8e30a82fa} - C:\WINDOWS\system32\hp100.tmp
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
After checking these items CLOSE ALL open windows EXCEPT HijackThis and click "Fix Checked."
===================================================
Close Hijackthis.
Then search for and DELETE the following file(s)/folder(s) IF STILL PRESENT:
C:\WINDOWS\system32\dcomcfg.exe
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\system32\hp100.tmp
Open Ad-aware and do a full scan. Remove all it finds.
________________________
Run Ewido:
- Then select "Settings"
- Under the bottom section "What to Scan?" make sure "Scan every file" is checked.
- Select "OK" and you will return to scanning options.
- Click on Complete System Scan and the scan will begin.
- While the scan is in progress, you will be prompted to clean the first infected file it finds.
- Choose Clean.
- Then put a check next to 'Perform action on all infections' . Doing this, enables the scan to proceed automatically until its completion. Click OK
- When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again. The best place to save it would probably be your Desktop.
Close EwidoThis scan can take quite a while to run, so please be patient .
Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck " Security Info" or " Desktop Uninstall" if present.
Reboot back into Windows and click the Panda ActiveScan shortcut.
- Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
- When download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the Panda scan report, along with a new HijackThis Log, the contents of smitfiles.txt and the Ewido Log by using Add Reply.
** NOTE: It could be possible, after reboot that the system is using the windows classic theme again.
To restore this and set it back to XP-theme, rightclick on your desktop > properties > tab Appearances and choose Windows XP style again under windows and buttons.
Click apply and OK.
Cool Mo.d
22 Posts
0
June 11th, 2006 16:00
I managed to get SmitFraudFix running in the end, by running it from DOS rather than Windows, and it gave me the following report. Does it mean anything to you?
SmitFraudFix v2.58
Scan done at 18:22:20.32, Sun 06/11/2006
Run from C:\Documents and Settings\KAREEM\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\acvgxw.dll FOUND !
C:\WINDOWS\system32\atmclk.exe FOUND !
C:\WINDOWS\system32\dcomcfg.exe FOUND !
C:\WINDOWS\system32\hp???.tmp FOUND !
C:\WINDOWS\system32\hp????.tmp FOUND !
C:\WINDOWS\system32\ld????.tmp FOUND !
C:\WINDOWS\system32\ot.ico FOUND !
C:\WINDOWS\system32\regperf.exe FOUND !
C:\WINDOWS\system32\simpole.tlb FOUND !
C:\WINDOWS\system32\stdole3.tlb FOUND !
C:\WINDOWS\system32\ts.ico FOUND !
C:\WINDOWS\system32\1024\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\KAREEM\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
HKLM\SOFTWARE\WinHound.com FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{0c7416f0-dd23-420f-97f5-aae352ea2bf1}"="glochid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5aaf6542-f4ba-4df4-873d-4902ecbe794c}"="acheweed"
[HKEY_CLASSES_ROOT\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c}\InProcServer32]
@="C:\WINDOWS\system32\acvgxw.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c}\InProcServer32]
@="C:\WINDOWS\system32\acvgxw.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
Bugbatter
3 Apprentice
•
20.5K Posts
0
June 11th, 2006 17:00
Please print out or copy these instructions/tutorial to Notepad as the internet will not be (while in Safe Mode) available to you at certain points of the removal process. Make sure to work through all the Steps in the exact order in which they are listed below. If there's anything that you don't understand, ask your question(s) before moving on with the fixes.
If you have not done so already, please download the trial version of Ewido Anti-malware 3.5 from here:
http://www.ewido.net/en/download/
- Install Ewido Anti-malware.
- When installing, under Additional Options uncheck Install background guard and Install scan via context menu.
- When you run Ewido for the first time, you could get a warning "Database could not be found!". Click Ok.
- The program will prompt you to update. Click the Ok button.
- The program will now go to the main screen.
You will need to update Ewido to the latest definition files.- On the left-hand side of the main screen click the Update Button.
- Click on Start.
The update will start and a progress bar will show the updates being installed.If you are having problems with the updater, you can use this link to manually update Ewido.http://download.ewido.net/ewido-signatures-full-current.exe
Once finished updating, close Ewido.
Make sure to close Ewido before installing the update.
Reboot your computer in Safe Mode.
* If the computer is running, shut down Windows, and then turn off the power.
* Wait 30 seconds, and then turn the computer on.
* Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
* Ensure that the Safe Mode option is selected.
* Press Enter. The computer then begins to start in Safe mode.
* Login on your usual account.
______________________________
Open the SmitfraudFix Folder, then double-click smitfraudfix.cmd file to start the tool.
Select option #2 - Clean by typing 2 and press Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.
The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.
A reboot may be needed to finish the cleaning process, if your computer does not restart automatically please do it yourself manually. Reboot in Safe Mode.
The tool will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.
______________________________
Clean out your Temporary Internet files. Proceed like this:
* Quit Internet Explorer and quit any instances of Windows Explorer.
* Click Start, click Control Panel, and then double-click Internet Options.
* On the General tab, click Delete Files under Temporary Internet Files.
* In the Delete Files dialog box, tick the Delete all offline content check box , and then click OK.
* On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.
* Click on the Programs tab then click the Reset Web Settings button. Click Apply then OK.
* Click OK.
Next Click Start, click Control Panel and then double-click Display. Click on the Desktop tab, then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there, select that entry and click the Delete button. Click Ok then Apply and Ok.
Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin.
______________________________
Close ALL open Windows / Programs / Folders. Please start Ewido, and run a full scan.
* Click on Scanner
* Click on Settings
o Under How to scan all boxes should be checked
o Under Unwanted Software all boxes should be checked
o Under What to scan select Scan every file
o Click on Ok
* Click on Complete System Scan to start the scan process.
* Let the program scan the machine.
If Ewido finds anything, it will pop up a notification. When it asks if you want to clean the first file, put a checkmark in the lower left corner of the box that says Perform action on all infections and put a checkmark in the box next to Create encrypted backup, then choose clean and click Ok.
Once the scan has completed, there will be a button located on the bottom of the screen named Save Report.
* Click Save Report button
* Save the report to your Desktop
Close Ewido and Reboot in Normal Mode.
Please post:
1. c:\rapport.txt
2. Ewido log
3. A new HijackThis log
Let me know how things are running.
** If you cannot run SmitfraudFix, just go back and follow the instructions for using SmitRem instead.
Cool Mo.d
22 Posts
0
June 12th, 2006 18:00
TrackingCookie.Revenue : Cleaned with backup
:mozilla.161:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.162:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.164:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.165:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.166:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.167:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.173:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.174:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.175:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.178:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.179:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.180:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.191:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.193:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.194:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.195:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.196:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.207:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.233:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.234:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.235:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.236:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.251:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.253:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.254:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.255:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.256:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.257:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.260:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.261:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.265:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.266:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.267:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.279:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.280:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.281:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.282:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.283:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.297:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.301:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.304:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.305:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.306:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.307:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.308:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.309:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.310:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.342:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.343:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.344:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.345:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.346:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.347:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.348:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.366:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Clickagents : Cleaned with backup
:mozilla.378:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.379:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.380:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.395:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.405:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.406:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.407:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.408:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.431:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.432:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.433:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.436:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.437:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.441:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.445:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\METHAM\Cookies\metham@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\METHAM\Local Settings\Temp\Cookies\metham@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\ZEENA\Cookies\zeena@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\ZEENA\Cookies\zeena@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\ZEENA\Cookies\zeena@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP127\A0056762.exe -> Downloader.Zlob : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP128\A0057843.exe -> Adware.Spysheriff : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP131\A0059258.exe -> Downloader.Zlob : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP131\A0059364.dll -> Trojan.Fakealert : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP132\A0060593.exe -> Downloader.Zlob.qa : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0159181.exe -> Downloader.Zlob.pw : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0160171.exe -> Downloader.Zlob.qi : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0162182.exe -> Downloader.Zlob.rb : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0162183.exe -> Downloader.Zlob.qt : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0163180.tlb -> Downloader.Zlob.rk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0164176.tlb -> Downloader.Zlob.rk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0164190.tlb -> Downloader.Zlob.rk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0165190.tlb -> Downloader.Zlob.rk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0165193.exe -> Downloader.Zlob.rk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0165194.exe -> Downloader.Zlob.rk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0167229.exe -> Downloader.Zlob.obfuscated : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0167230.exe -> Downloader.Zlob.obfuscated : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0169396.exe -> Downloader.Zlob.rm : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0169399.exe -> Downloader.Zlob.pm : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0169445.exe -> Downloader.Zlob.rq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0172665.exe -> Downloader.Zlob.ry : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0187691.dll -> Not-A-Virus.Hoax.Win32.Renos.dj : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0187692.exe -> Downloader.Zlob.lc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP133\A0187695.exe -> Downloader.Zlob.rf : Cleaned with backup
::Report End
Cool Mo.d
22 Posts
0
June 12th, 2006 18:00
Cool Mo.d
22 Posts
0
June 12th, 2006 18:00
Logfile of HijackThis v1.99.1
Scan saved at 20:45:01, on 6/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Documents and Settings\KAREEM\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eircom.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.eircom.net
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: ALTAVISTA - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: ALTAVISTA - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\CONFLICT.1\ALTAVI~1.DLL
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: AltaVista Search - file://C:\Program Files\Internet Explorer\ALTAVISTA Toolbar\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: Translate - file://C:\Program Files\Internet Explorer\ALTAVISTA Toolbar\Cache\SelectedContextTranslation.htm
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.eircom.net
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (ALTAVISTA) - http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1139178305
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133801891593
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O18 - Protocol: bw+0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {76130513-CC88-4D60-9D1D-36956975F744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Cool Mo.d
22 Posts
0
June 12th, 2006 18:00
Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.751:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.754:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.757:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.758:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.767:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.769:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.771:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.775:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.777:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup
:mozilla.778:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup
:mozilla.780:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.781:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.790:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.792:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.793:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.795:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.798:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.799:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.800:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.803:C:\Documents and Settings\KAREEM\Application Data\Mozilla\Firefox\Profiles\nskcztzu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup
C:\Documents and Settings\KAREEM\Local Settings\Temp\Cookies\kareem@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.9:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.12:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.13:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.14:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.15:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.16:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.18:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.19:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.20:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.21:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.24:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.62:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.63:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.65:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.66:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.67:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.70:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.71:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.72:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.74:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.75:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.76:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.77:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.78:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.79:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.80:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.97:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.98:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.99:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.100:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.101:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.102:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.103:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.104:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.105:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.106:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.111:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.123:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.131:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.132:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.142:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.143:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.144:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.158:C:\Documents and Settings\METHAM\Application Data\Mozilla\Firefox\Profiles\mujejrtb.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.159:C:\Documents and Settings\METHAM\Applica