Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Trojan, SpyFalcon... please help!


  • This topic is locked This topic is locked
19 replies to this topic

#1 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 09 February 2006 - 03:25 PM

Please help! Very simple webpages seem to take too long to load as with certain links. Also, I've noticed the "sponsored link" thing happening frequenty. I just ran an AdAware scan and removed two "Spyware" intances. But, I want to be sure everything's really clean. I have Norton's Firewall installed so I don't know where this came from.

Can anyone help please?? Here's my log...

Logfile of HijackThis v1.99.1
Scan saved at 4:21:28 PM, on 2/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\gbpvr\GBPVRRecordingService.exe
C:\WINDOWS\runservice.exe
C:\Program Files\MacOpener\FORMATM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
C:\My Downloads\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
N2 - Netscape 6: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Profiles\default\apvpctck.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB002" /M "Stylus CX4600"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [AccuWeatherDesktopAlerts] C:\Program Files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {1380F812-709B-4684-935B-84E447802AFF} (InstallerAX Class) - http://foxmovies.a.c...installerAX.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....sa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports....ommon/ieell.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://www.easports....py/iesnoopy.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1099665745687
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://213.98.2.231:...sCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) - http://www.rockefell...r/wg_webeye.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....sa/SymAData.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: GB-PVR Recording Service - - C:\Program Files\gbpvr\GBPVRRecordingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: MacFormatService - Unknown owner - C:\Program Files\MacOpener\FORMATM.EXE" /SERVICE (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    Advertisements

Register to Remove


#2 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 10 February 2006 - 03:56 AM

Here's the logfile. My PC is a mess. Can you please help? I seem to have gotten rid of the Spy Falcon thing but there's a whole bunch of other viruses and spyware on this system still. I know I posted about a day ago, but thishas gotten completely out of hand. Please help!

Logfile of HijackThis v1.99.1
Scan saved at 4:52:29 AM, on 2/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\gbpvr\GBPVRRecordingService.exe
C:\WINDOWS\runservice.exe
C:\Program Files\MacOpener\FORMATM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\My Downloads\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
N2 - Netscape 6: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Profiles\default\apvpctck.slt\prefs.js)
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB002" /M "Stylus CX4600"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [AccuWeatherDesktopAlerts] C:\Program Files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {1380F812-709B-4684-935B-84E447802AFF} (InstallerAX Class) - http://foxmovies.a.c...installerAX.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....sa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports....ommon/ieell.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://www.easports....py/iesnoopy.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1099665745687
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://213.98.2.231:...sCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) - http://www.rockefell...r/wg_webeye.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....sa/SymAData.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: GB-PVR Recording Service - - C:\Program Files\gbpvr\GBPVRRecordingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: MacFormatService - Unknown owner - C:\Program Files\MacOpener\FORMATM.EXE" /SERVICE (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#3 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 11 February 2006 - 12:47 PM

Hello tinpanalley,

I don't see anything bad in your log. Lets see if these find anything.

Go here and run this scan. Let me know what it finds.
Microsoft - Malicious Software Removal Tool
http://www.microsoft...ve/default.mspx


Download this one and let me know if it finds anything.
RootkitRevealer
http://www.sysintern...itRevealer.html

When it's done, go to file->save
save the logfile to the desktop, and then past the contents here.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#4 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 11 February 2006 - 06:03 PM

Hey, First of all... THANK YOU for the reply. I know how busy you guys are and I want to extend my thanks and appreciation for the service you provide. Now... What's been occuring since I removed that Trojan is that Norton keeps telling me that certain programs are trying to connect through unknown servers or something. Everytime I go to logon to a site or check my mail, it's the same thing. The options are "Always allow" or "Always block (recommended)" but blocking causes the window to keep popping up. Don't know what this has to do with anything, but I thought I'd make you aware of any strange behavior which might help understand my system right now. Malicious Software Removal found nothing. Here's the saved file from RookIt Revealer... HKLM\.DEFAULT\RemoteAccess\InternetProfile 6/8/2004 3:06 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1004\Filename 8/23/2004 5:22 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1004\Description 8/23/2004 5:22 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1005\Filename 9/4/2004 3:42 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1005\Description 9/4/2004 3:42 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1006\Filename 9/20/2004 3:24 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1006\Description 9/20/2004 3:24 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1007\Filename 10/4/2004 1:19 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1007\Description 10/4/2004 1:19 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1009\Filename 10/21/2004 9:22 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1009\Description 10/21/2004 9:22 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1010\Filename 11/10/2004 6:54 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1010\Description 11/10/2004 6:54 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1011\Filename 11/11/2004 5:43 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1011\Description 11/11/2004 5:43 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1012\Filename 11/11/2004 6:06 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1012\Description 11/11/2004 6:06 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1013\Filename 11/16/2004 6:39 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1013\Description 11/16/2004 6:39 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1014\Filename 11/17/2004 5:41 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1014\Description 11/17/2004 5:41 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1016\Filename 11/20/2004 7:14 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1016\Description 11/20/2004 7:14 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1017\Filename 11/22/2004 12:35 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1017\Description 11/22/2004 12:35 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1018\Filename 11/28/2004 8:20 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1018\Description 11/28/2004 8:20 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1019\Filename 11/28/2004 8:40 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1019\Description 11/28/2004 8:40 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1020\Filename 11/28/2004 9:09 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1020\Description 11/28/2004 9:09 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1021\Filename 11/28/2004 9:31 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1021\Description 11/28/2004 9:31 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1022\Filename 11/28/2004 10:39 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1022\Description 11/28/2004 10:39 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1023\Filename 12/1/2004 7:22 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1023\Description 12/1/2004 7:22 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1024\Filename 12/3/2004 7:14 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1024\Description 12/3/2004 7:14 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1025\Filename 12/14/2004 11:30 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1025\Description 12/14/2004 11:30 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1026\Filename 12/18/2004 6:11 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1026\Description 12/18/2004 6:11 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1027\Filename 12/21/2004 4:53 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1027\Description 12/21/2004 4:53 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1028\Filename 12/23/2004 3:01 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1028\Description 12/23/2004 3:01 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1029\Filename 1/30/2005 12:33 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1029\Description 1/30/2005 12:33 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1030\Filename 2/8/2005 3:35 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1030\Description 2/8/2005 3:35 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1031\Filename 2/8/2005 3:37 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1031\Description 2/8/2005 3:37 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1032\Filename 2/8/2005 3:38 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1032\Description 2/8/2005 3:38 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1033\Filename 2/8/2005 3:51 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1033\Description 2/8/2005 3:51 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1034\Filename 2/9/2005 8:52 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1034\Description 2/9/2005 8:52 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1035\Filename 2/9/2005 9:11 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1035\Description 2/9/2005 9:11 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1036\Filename 2/10/2005 7:53 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1036\Description 2/10/2005 7:53 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1037\Filename 2/11/2005 4:32 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1037\Description 2/11/2005 4:32 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1038\Filename 2/11/2005 6:44 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1038\Description 2/11/2005 6:44 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1039\Filename 2/11/2005 11:12 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1039\Description 2/11/2005 11:12 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1040\Filename 2/13/2005 12:01 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1040\Description 2/13/2005 12:01 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1041\Filename 2/25/2005 10:29 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1041\Description 2/25/2005 10:29 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1042\Filename 3/18/2005 9:47 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1042\Description 3/18/2005 9:47 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1043\Filename 3/26/2005 8:13 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1043\Description 3/26/2005 8:13 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1044\Filename 6/9/2005 6:51 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1044\Description 6/9/2005 6:51 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1045\Filename 6/12/2005 8:20 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1045\Description 6/12/2005 8:20 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1046\Filename 6/16/2005 7:45 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1046\Description 6/16/2005 7:45 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1047\Filename 6/19/2005 8:28 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1047\Description 6/19/2005 8:28 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1048\Filename 6/19/2005 8:32 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1048\Description 6/19/2005 8:32 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1049\Filename 6/21/2005 1:07 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1049\Description 6/21/2005 1:07 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1050\Filename 6/23/2005 3:11 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1050\Description 6/23/2005 3:11 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1051\Filename 6/23/2005 6:11 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1051\Description 6/23/2005 6:11 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1052\Filename 7/6/2005 9:59 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1052\Description 7/6/2005 9:59 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1053\Filename 7/6/2005 10:21 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1053\Description 7/6/2005 10:21 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1054\Filename 7/6/2005 10:36 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1054\Description 7/6/2005 10:36 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1055\Filename 7/6/2005 11:40 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1055\Description 7/6/2005 11:40 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1056\Filename 7/7/2005 12:04 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1056\Description 7/7/2005 12:04 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1057\Filename 7/8/2005 1:05 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1057\Description 7/8/2005 1:05 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1058\Filename 7/9/2005 10:46 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1058\Description 7/9/2005 10:46 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1059\Filename 7/10/2005 1:29 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1059\Description 7/10/2005 1:29 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1060\Filename 7/10/2005 11:41 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1060\Description 7/10/2005 11:41 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1061\Filename 7/11/2005 1:10 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1061\Description 7/11/2005 1:10 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1062\Filename 7/11/2005 12:22 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1062\Description 7/11/2005 12:22 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1063\Filename 7/14/2005 5:34 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1063\Description 7/14/2005 5:34 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1064\Filename 7/14/2005 5:37 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1064\Description 7/14/2005 5:37 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\RemoteAccess\InternetProfile 4/25/2004 3:07 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-18\RemoteAccess\InternetProfile 6/8/2004 3:06 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version 12/23/2004 3:51 AM 0 bytes Key name contains embedded nulls (*) HKLM\SOFTWARE\Classes\Installer\Products\32418F9EE1126B64A90E8365B85CFCF6\ProductName 3/30/2005 12:16 PM 26 bytes Data mismatch between Windows API and raw hive data. HKLM\SOFTWARE\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o 7/30/2004 12:02 AM 0 bytes Key name contains embedded nulls (*) HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 2/11/2006 3:47 PM 80 bytes Data mismatch between Windows API and raw hive data. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\DisplayName 3/30/2005 12:19 PM 26 bytes Data mismatch between Windows API and raw hive data. HKLM\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version 12/23/2004 3:51 AM 0 bytes Key name contains embedded nulls (*) HKLM\SYSTEM\ControlSet001\Control\Motorola\PST\USBDriverVersionNumber 4/18/2005 1:15 PM 3 bytes Data mismatch between Windows API and raw hive data. HKLM\SYSTEM\ControlSet001\Services\a347scsi\Config\jdgg40 2/2/2006 5:06 PM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet001\Services\a347scsi\Config\jdgg41 12/30/2005 8:35 PM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf40 2/11/2006 12:19 PM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf41 9/20/2005 1:35 AM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf42 9/20/2005 1:35 AM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet002\Control\Motorola\PST\USBDriverVersionNumber 4/18/2005 1:15 PM 3 bytes Data mismatch between Windows API and raw hive data. C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2FBD24CF 2/10/2006 5:05 AM 38.73 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6D357CE0 2/11/2006 3:52 PM 40.15 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6D691CA6 2/11/2006 3:53 PM 44.40 KB Hidden from Windows API. C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\Incoming\AP0 2/11/2006 3:52 PM 42.33 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Macromedia\Flash Player\#SharedObjects\79FNNYWY\bestbuy.shoplocal.com\bookmarks_235048.sol 2/11/2006 4:07 PM 258 bytes Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Macromedia\Flash Player\#SharedObjects\79FNNYWY\bestbuy.shoplocal.com\global235048.sol 2/11/2006 4:07 PM 147 bytes Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0028E6C2d01 2/11/2006 4:11 PM 45.14 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\003CB69Cd01 2/11/2006 4:03 PM 6.55 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\03721A0Fd01 2/11/2006 4:20 PM 16.09 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\05BA96EAd01 2/11/2006 4:04 PM 35.55 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\06BB45E5d01 2/11/2006 4:13 PM 18.31 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\07A34B32d01 2/11/2006 3:33 AM 1.08 MB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\09AB7834d01 2/11/2006 4:18 PM 16.94 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0ABA96F5d01 2/11/2006 4:04 PM 41.98 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6076F3d01 2/11/2006 4:54 PM 87.88 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6176F3d01 2/11/2006 4:54 PM 43.79 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6276F3d01 2/11/2006 4:54 PM 31.43 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6376F3d01 2/11/2006 4:54 PM 70.09 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6476F3d01 2/11/2006 4:54 PM 21.08 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6676F3d01 2/11/2006 4:54 PM 42.32 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6776F3d01 2/11/2006 4:54 PM 18.16 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6C76F3d01 2/11/2006 4:54 PM 53.55 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6D76F3d01 2/11/2006 4:54 PM 36.44 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0D32B350d01 2/11/2006 3:51 PM 55.86 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0DA5EE19d01 2/11/2006 4:11 PM 36.74 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0F5696C8d01 2/11/2006 4:04 PM 37.79 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\109395E2d01 2/11/2006 4:04 PM 41.84 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\11A5AD2Bd01 2/11/2006 4:20 PM 45.88 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\13AE2C40d01 2/11/2006 3:56 PM 106.37 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1416745Fd01 2/11/2006 4:05 PM 1.84 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\17278881d01 2/11/2006 4:05 PM 906 bytes Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\19A675A4d01 2/11/2006 4:20 PM 17.47 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1A09D7E1d01 2/11/2006 4:03 PM 44.43 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1AB6E803d01 2/11/2006 4:21 PM 42.99 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1C7E24FCd01 2/11/2006 3:31 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1C83FC3Fd01 2/11/2006 3:56 PM 151.94 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1D7433C6d01 2/11/2006 3:50 PM 45.42 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\205A96B3d01 2/11/2006 4:04 PM 40.63 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2684C8C3d01 2/11/2006 4:12 PM 83.00 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\26F73CD5d01 2/11/2006 3:56 PM 51.24 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\27EB6C99d01 2/11/2006 3:31 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\27F9E723d01 2/11/2006 4:18 PM 55.36 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2A0096BDd01 2/11/2006 4:04 PM 37.77 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2BBC81BCd01 2/11/2006 4:01 PM 19.88 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2BFD0389d01 2/11/2006 3:49 PM 42.89 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2E3D1631d01 2/11/2006 4:11 PM 50.47 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\300FA939d01 2/11/2006 3:55 PM 52.42 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3201B9C6d01 2/11/2006 4:12 PM 48.67 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\34190670d01 2/11/2006 3:52 PM 23.06 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\345CED29d01 2/11/2006 4:05 PM 1.21 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\345DED29d01 2/11/2006 4:05 PM 1.00 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\345EED29d01 2/11/2006 4:06 PM 1.04 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3487F07Dd01 2/11/2006 3:56 PM 28.85 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\389B1E15d01 2/11/2006 3:32 AM 1.08 MB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3AF73087d01 2/11/2006 3:57 PM 61.11 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3B8096D1d01 2/11/2006 4:04 PM 31.56 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3D61C9FFd01 2/11/2006 3:33 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3E5DEACEd01 2/11/2006 4:08 PM 28.05 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\47513DD4d01 2/11/2006 3:55 PM 210.95 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\479B9E5Fd01 2/11/2006 4:12 PM 113.24 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\4A0AB7C9d01 2/11/2006 4:15 PM 18.16 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\4B27BBDDd01 2/11/2006 4:08 PM 17.91 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\4B52BFD3d01 2/11/2006 3:50 PM 41.08 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\4F18240Ad01 2/11/2006 3:32 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\518B8A85d01 2/11/2006 4:03 PM 24.78 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\52BA1D77d01 2/11/2006 3:50 PM 43.19 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\53E5A6E2d01 2/11/2006 3:30 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\56CD4BD5d01 2/11/2006 3:56 PM 22.46 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\5930642Bd01 2/11/2006 4:03 PM 26.82 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\5DBC96E3d01 2/11/2006 4:05 PM 38.46 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\5F021C4Dd01 2/11/2006 4:18 PM 25.21 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\615F96F7d01 2/11/2006 4:04 PM 40.06 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\639C82B6d01 2/11/2006 3:32 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\6A400416d01 2/11/2006 4:15 PM 19.88 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\6A410416d01 2/11/2006 4:15 PM 18.13 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\6B5A0C00d01 2/11/2006 4:53 PM 51.95 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\6F9639AFd01 2/11/2006 4:11 PM 17.27 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3C6d01 2/11/2006 4:05 PM 9.74 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3C7d01 2/11/2006 4:05 PM 5.29 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3C8d01 2/11/2006 4:05 PM 15.20 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3C9d01 2/11/2006 4:05 PM 12.23 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CAd01 2/11/2006 4:04 PM 8.63 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CBd01 2/11/2006 4:04 PM 10.46 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CCd01 2/11/2006 4:04 PM 12.43 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CDd01 2/11/2006 4:04 PM 12.79 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CEd01 2/11/2006 4:04 PM 21.87 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CFd01 2/11/2006 4:04 PM 22.54 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FAd01 2/11/2006 4:06 PM 15.97 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FBd01 2/11/2006 4:06 PM 12.75 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FCd01 2/11/2006 4:06 PM 13.54 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FDd01 2/11/2006 4:06 PM 6.69 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FEd01 2/11/2006 4:05 PM 9.85 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FFd01 2/11/2006 4:05 PM 12.38 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\751AA137d01 2/11/2006 4:11 PM 26.61 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\751EA137d01 2/11/2006 4:11 PM 27.15 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7524B4C5d01 2/11/2006 3:55 PM 18.66 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\76F3FEB7d01 2/11/2006 4:12 PM 18.59 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\76F8DDFEd01 2/11/2006 3:58 PM 22.11 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7BA09C1Bd01 2/11/2006 4:07 PM 30.24 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7C31278Fd01 2/11/2006 4:15 PM 20.41 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7E2296CEd01 2/11/2006 4:06 PM 34.44 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7F5914BAd01 2/11/2006 4:03 PM 1002 bytes Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8010253Fd01 2/11/2006 4:18 PM 51.85 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\813F96D6d01 2/11/2006 4:04 PM 35.24 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8228BF78d01 2/11/2006 4:55 PM 29.17 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\822DAE88d01 2/11/2006 4:12 PM 32.10 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\84FA95D1d01 2/11/2006 4:04 PM 32.65 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\859CF594d01 2/11/2006 4:17 PM 149.33 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\85BBA191d01 2/11/2006 4:55 PM 68.33 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\86983B06d01 2/11/2006 3:30 AM 124.39 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\89B7AB30d01 2/11/2006 3:30 AM 437.25 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8A77A407d01 2/11/2006 4:13 PM 35.74 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8C6B96E7d01 2/11/2006 4:05 PM 37.60 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8C753BE5d01 2/11/2006 4:03 PM 4.63 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8E66C112d01 2/11/2006 4:55 PM 18.49 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8E9B4C70d01 2/11/2006 3:56 PM 67.26 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\9A43C217d01 2/11/2006 4:21 PM 39.95 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\9AC4358Ad01 2/11/2006 3:31 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\9D4196C7d01 2/11/2006 4:04 PM 40.60 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A3468791d01 2/11/2006 4:56 PM 56.37 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A46068B6d01 2/11/2006 3:50 PM 20.02 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A46A68B6d01 2/11/2006 3:50 PM 21.19 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A46C68B6d01 2/11/2006 3:50 PM 17.68 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A46E68B6d01 2/11/2006 3:50 PM 19.10 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47068B6d01 2/11/2006 3:50 PM 23.50 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47868B6d01 2/11/2006 3:50 PM 38.99 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47A68B6d01 2/11/2006 3:50 PM 29.71 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47C68B6d01 2/11/2006 3:50 PM 31.67 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47E68B6d01 2/11/2006 3:50 PM 19.47 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A70B53CFd01 2/11/2006 3:31 AM 332.14 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A721C35Ad01 2/11/2006 4:55 PM 28.63 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A76742D5d01 2/11/2006 4:20 PM 72.54 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A8328391d01 2/11/2006 4:03 PM 4.39 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A8751342d01 2/11/2006 3:52 PM 41.75 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A92096EAd01 2/11/2006 4:06 PM 38.17 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\AA159E88d01 2/11/2006 4:12 PM 17.39 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\AADF96E4d01 2/11/2006 4:05 PM 30.33 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B29B330Fd01 2/11/2006 3:57 PM 31.98 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B32479F7d01 2/11/2006 4:09 PM 55.50 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B52BD8F8d01 2/11/2006 3:49 PM 37.92 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B60896B5d01 2/11/2006 4:04 PM 40.41 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B73B6250d01 2/11/2006 4:13 PM 17.68 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B7CA86D5d01 2/11/2006 3:55 PM 43.85 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B8B79574d01 2/11/2006 4:55 PM 52.57 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B8E05796d01 2/11/2006 4:03 PM 67.36 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B933C38Fd01 2/11/2006 4:03 PM 3.27 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\BAA196D1d01 2/11/2006 4:05 PM 32.31 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\BCBB0B3Cd01 2/11/2006 4:15 PM 19.40 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C140B95Ad01 2/11/2006 4:12 PM 18.80 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C26996EDd01 2/11/2006 4:04 PM 33.11 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C29396D0d01 2/11/2006 4:06 PM 37.34 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Fire

#5 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 11 February 2006 - 06:23 PM

lets see if Blacklight finds anything.

Download and Save blacklight to your desktop.
F-Secure Blacklight: http://www.f-secure....light/try.shtml
Double-click blbeta.exe then accept the agreement.
click > scan then > next,
You'll see a list of all items found.
Don't choose for rename yet! I want to see the log first, because legit items can also be present there...
There must be also a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers)
Post the contents of the log in your next reply together with a new hijackthislog.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#6 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 11 February 2006 - 07:01 PM

I just got another one of those Norton Internet Security Alerts. This is what it says... "MEDIUM RISK - navw32.exe is attempting to access the Internet using one or more unrecognized modules. What do you want to do?" Anyway, here's the blacklight log, I'll post the hijack this in another post. HKLM\.DEFAULT\RemoteAccess\InternetProfile 6/8/2004 3:06 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1004\Filename 8/23/2004 5:22 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1004\Description 8/23/2004 5:22 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1005\Filename 9/4/2004 3:42 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1005\Description 9/4/2004 3:42 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1006\Filename 9/20/2004 3:24 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1006\Description 9/20/2004 3:24 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1007\Filename 10/4/2004 1:19 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1007\Description 10/4/2004 1:19 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1009\Filename 10/21/2004 9:22 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1009\Description 10/21/2004 9:22 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1010\Filename 11/10/2004 6:54 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1010\Description 11/10/2004 6:54 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1011\Filename 11/11/2004 5:43 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1011\Description 11/11/2004 5:43 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1012\Filename 11/11/2004 6:06 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1012\Description 11/11/2004 6:06 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1013\Filename 11/16/2004 6:39 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1013\Description 11/16/2004 6:39 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1014\Filename 11/17/2004 5:41 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1014\Description 11/17/2004 5:41 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1016\Filename 11/20/2004 7:14 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1016\Description 11/20/2004 7:14 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1017\Filename 11/22/2004 12:35 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1017\Description 11/22/2004 12:35 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1018\Filename 11/28/2004 8:20 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1018\Description 11/28/2004 8:20 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1019\Filename 11/28/2004 8:40 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1019\Description 11/28/2004 8:40 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1020\Filename 11/28/2004 9:09 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1020\Description 11/28/2004 9:09 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1021\Filename 11/28/2004 9:31 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1021\Description 11/28/2004 9:31 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1022\Filename 11/28/2004 10:39 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1022\Description 11/28/2004 10:39 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1023\Filename 12/1/2004 7:22 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1023\Description 12/1/2004 7:22 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1024\Filename 12/3/2004 7:14 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1024\Description 12/3/2004 7:14 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1025\Filename 12/14/2004 11:30 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1025\Description 12/14/2004 11:30 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1026\Filename 12/18/2004 6:11 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1026\Description 12/18/2004 6:11 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1027\Filename 12/21/2004 4:53 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1027\Description 12/21/2004 4:53 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1028\Filename 12/23/2004 3:01 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1028\Description 12/23/2004 3:01 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1029\Filename 1/30/2005 12:33 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1029\Description 1/30/2005 12:33 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1030\Filename 2/8/2005 3:35 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1030\Description 2/8/2005 3:35 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1031\Filename 2/8/2005 3:37 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1031\Description 2/8/2005 3:37 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1032\Filename 2/8/2005 3:38 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1032\Description 2/8/2005 3:38 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1033\Filename 2/8/2005 3:51 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1033\Description 2/8/2005 3:51 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1034\Filename 2/9/2005 8:52 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1034\Description 2/9/2005 8:52 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1035\Filename 2/9/2005 9:11 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1035\Description 2/9/2005 9:11 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1036\Filename 2/10/2005 7:53 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1036\Description 2/10/2005 7:53 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1037\Filename 2/11/2005 4:32 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1037\Description 2/11/2005 4:32 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1038\Filename 2/11/2005 6:44 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1038\Description 2/11/2005 6:44 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1039\Filename 2/11/2005 11:12 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1039\Description 2/11/2005 11:12 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1040\Filename 2/13/2005 12:01 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1040\Description 2/13/2005 12:01 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1041\Filename 2/25/2005 10:29 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1041\Description 2/25/2005 10:29 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1042\Filename 3/18/2005 9:47 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1042\Description 3/18/2005 9:47 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1043\Filename 3/26/2005 8:13 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1043\Description 3/26/2005 8:13 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1044\Filename 6/9/2005 6:51 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1044\Description 6/9/2005 6:51 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1045\Filename 6/12/2005 8:20 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1045\Description 6/12/2005 8:20 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1046\Filename 6/16/2005 7:45 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1046\Description 6/16/2005 7:45 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1047\Filename 6/19/2005 8:28 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1047\Description 6/19/2005 8:28 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1048\Filename 6/19/2005 8:32 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1048\Description 6/19/2005 8:32 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1049\Filename 6/21/2005 1:07 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1049\Description 6/21/2005 1:07 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1050\Filename 6/23/2005 3:11 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1050\Description 6/23/2005 3:11 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1051\Filename 6/23/2005 6:11 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1051\Description 6/23/2005 6:11 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1052\Filename 7/6/2005 9:59 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1052\Description 7/6/2005 9:59 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1053\Filename 7/6/2005 10:21 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1053\Description 7/6/2005 10:21 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1054\Filename 7/6/2005 10:36 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1054\Description 7/6/2005 10:36 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1055\Filename 7/6/2005 11:40 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1055\Description 7/6/2005 11:40 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1056\Filename 7/7/2005 12:04 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1056\Description 7/7/2005 12:04 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1057\Filename 7/8/2005 1:05 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1057\Description 7/8/2005 1:05 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1058\Filename 7/9/2005 10:46 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1058\Description 7/9/2005 10:46 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1059\Filename 7/10/2005 1:29 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1059\Description 7/10/2005 1:29 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1060\Filename 7/10/2005 11:41 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1060\Description 7/10/2005 11:41 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1061\Filename 7/11/2005 1:10 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1061\Description 7/11/2005 1:10 AM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1062\Filename 7/11/2005 12:22 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1062\Description 7/11/2005 12:22 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1063\Filename 7/14/2005 5:34 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1063\Description 7/14/2005 5:34 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1064\Filename 7/14/2005 5:37 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1064\Description 7/14/2005 5:37 PM 25 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-21-1942873142-913711009-2564194695-1005\RemoteAccess\InternetProfile 4/25/2004 3:07 PM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\S-1-5-18\RemoteAccess\InternetProfile 6/8/2004 3:06 AM 11 bytes Data mismatch between Windows API and raw hive data. HKLM\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version 12/23/2004 3:51 AM 0 bytes Key name contains embedded nulls (*) HKLM\SOFTWARE\Classes\Installer\Products\32418F9EE1126B64A90E8365B85CFCF6\ProductName 3/30/2005 12:16 PM 26 bytes Data mismatch between Windows API and raw hive data. HKLM\SOFTWARE\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o 7/30/2004 12:02 AM 0 bytes Key name contains embedded nulls (*) HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 2/11/2006 3:47 PM 80 bytes Data mismatch between Windows API and raw hive data. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\DisplayName 3/30/2005 12:19 PM 26 bytes Data mismatch between Windows API and raw hive data. HKLM\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version 12/23/2004 3:51 AM 0 bytes Key name contains embedded nulls (*) HKLM\SYSTEM\ControlSet001\Control\Motorola\PST\USBDriverVersionNumber 4/18/2005 1:15 PM 3 bytes Data mismatch between Windows API and raw hive data. HKLM\SYSTEM\ControlSet001\Services\a347scsi\Config\jdgg40 2/2/2006 5:06 PM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet001\Services\a347scsi\Config\jdgg41 12/30/2005 8:35 PM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf40 2/11/2006 12:19 PM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf41 9/20/2005 1:35 AM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf42 9/20/2005 1:35 AM 0 bytes Hidden from Windows API. HKLM\SYSTEM\ControlSet002\Control\Motorola\PST\USBDriverVersionNumber 4/18/2005 1:15 PM 3 bytes Data mismatch between Windows API and raw hive data. C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2FBD24CF 2/10/2006 5:05 AM 38.73 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6D357CE0 2/11/2006 3:52 PM 40.15 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6D691CA6 2/11/2006 3:53 PM 44.40 KB Hidden from Windows API. C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\Incoming\AP0 2/11/2006 3:52 PM 42.33 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Macromedia\Flash Player\#SharedObjects\79FNNYWY\bestbuy.shoplocal.com\bookmarks_235048.sol 2/11/2006 4:07 PM 258 bytes Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Macromedia\Flash Player\#SharedObjects\79FNNYWY\bestbuy.shoplocal.com\global235048.sol 2/11/2006 4:07 PM 147 bytes Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0028E6C2d01 2/11/2006 4:11 PM 45.14 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\003CB69Cd01 2/11/2006 4:03 PM 6.55 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\03721A0Fd01 2/11/2006 4:20 PM 16.09 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\05BA96EAd01 2/11/2006 4:04 PM 35.55 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\06BB45E5d01 2/11/2006 4:13 PM 18.31 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\07A34B32d01 2/11/2006 3:33 AM 1.08 MB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\09AB7834d01 2/11/2006 4:18 PM 16.94 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0ABA96F5d01 2/11/2006 4:04 PM 41.98 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6076F3d01 2/11/2006 4:54 PM 87.88 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6176F3d01 2/11/2006 4:54 PM 43.79 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6276F3d01 2/11/2006 4:54 PM 31.43 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6376F3d01 2/11/2006 4:54 PM 70.09 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6476F3d01 2/11/2006 4:54 PM 21.08 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6676F3d01 2/11/2006 4:54 PM 42.32 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6776F3d01 2/11/2006 4:54 PM 18.16 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6C76F3d01 2/11/2006 4:54 PM 53.55 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0C6D76F3d01 2/11/2006 4:54 PM 36.44 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0D32B350d01 2/11/2006 3:51 PM 55.86 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0DA5EE19d01 2/11/2006 4:11 PM 36.74 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\0F5696C8d01 2/11/2006 4:04 PM 37.79 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\109395E2d01 2/11/2006 4:04 PM 41.84 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\11A5AD2Bd01 2/11/2006 4:20 PM 45.88 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\13AE2C40d01 2/11/2006 3:56 PM 106.37 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1416745Fd01 2/11/2006 4:05 PM 1.84 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\17278881d01 2/11/2006 4:05 PM 906 bytes Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\19A675A4d01 2/11/2006 4:20 PM 17.47 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1A09D7E1d01 2/11/2006 4:03 PM 44.43 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1AB6E803d01 2/11/2006 4:21 PM 42.99 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1C7E24FCd01 2/11/2006 3:31 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1C83FC3Fd01 2/11/2006 3:56 PM 151.94 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\1D7433C6d01 2/11/2006 3:50 PM 45.42 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\205A96B3d01 2/11/2006 4:04 PM 40.63 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2684C8C3d01 2/11/2006 4:12 PM 83.00 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\26F73CD5d01 2/11/2006 3:56 PM 51.24 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\27EB6C99d01 2/11/2006 3:31 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\27F9E723d01 2/11/2006 4:18 PM 55.36 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2A0096BDd01 2/11/2006 4:04 PM 37.77 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2BBC81BCd01 2/11/2006 4:01 PM 19.88 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2BFD0389d01 2/11/2006 3:49 PM 42.89 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\2E3D1631d01 2/11/2006 4:11 PM 50.47 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\300FA939d01 2/11/2006 3:55 PM 52.42 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3201B9C6d01 2/11/2006 4:12 PM 48.67 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\34190670d01 2/11/2006 3:52 PM 23.06 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\345CED29d01 2/11/2006 4:05 PM 1.21 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\345DED29d01 2/11/2006 4:05 PM 1.00 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\345EED29d01 2/11/2006 4:06 PM 1.04 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3487F07Dd01 2/11/2006 3:56 PM 28.85 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\389B1E15d01 2/11/2006 3:32 AM 1.08 MB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3AF73087d01 2/11/2006 3:57 PM 61.11 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3B8096D1d01 2/11/2006 4:04 PM 31.56 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3D61C9FFd01 2/11/2006 3:33 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\3E5DEACEd01 2/11/2006 4:08 PM 28.05 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\47513DD4d01 2/11/2006 3:55 PM 210.95 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\479B9E5Fd01 2/11/2006 4:12 PM 113.24 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\4A0AB7C9d01 2/11/2006 4:15 PM 18.16 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\4B27BBDDd01 2/11/2006 4:08 PM 17.91 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\4B52BFD3d01 2/11/2006 3:50 PM 41.08 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\4F18240Ad01 2/11/2006 3:32 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\518B8A85d01 2/11/2006 4:03 PM 24.78 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\52BA1D77d01 2/11/2006 3:50 PM 43.19 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\53E5A6E2d01 2/11/2006 3:30 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\56CD4BD5d01 2/11/2006 3:56 PM 22.46 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\5930642Bd01 2/11/2006 4:03 PM 26.82 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\5DBC96E3d01 2/11/2006 4:05 PM 38.46 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\5F021C4Dd01 2/11/2006 4:18 PM 25.21 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\615F96F7d01 2/11/2006 4:04 PM 40.06 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\639C82B6d01 2/11/2006 3:32 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\6A400416d01 2/11/2006 4:15 PM 19.88 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\6A410416d01 2/11/2006 4:15 PM 18.13 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\6B5A0C00d01 2/11/2006 4:53 PM 51.95 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\6F9639AFd01 2/11/2006 4:11 PM 17.27 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3C6d01 2/11/2006 4:05 PM 9.74 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3C7d01 2/11/2006 4:05 PM 5.29 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3C8d01 2/11/2006 4:05 PM 15.20 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3C9d01 2/11/2006 4:05 PM 12.23 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CAd01 2/11/2006 4:04 PM 8.63 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CBd01 2/11/2006 4:04 PM 10.46 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CCd01 2/11/2006 4:04 PM 12.43 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CDd01 2/11/2006 4:04 PM 12.79 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CEd01 2/11/2006 4:04 PM 21.87 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3CFd01 2/11/2006 4:04 PM 22.54 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FAd01 2/11/2006 4:06 PM 15.97 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FBd01 2/11/2006 4:06 PM 12.75 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FCd01 2/11/2006 4:06 PM 13.54 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FDd01 2/11/2006 4:06 PM 6.69 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FEd01 2/11/2006 4:05 PM 9.85 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7097A3FFd01 2/11/2006 4:05 PM 12.38 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\751AA137d01 2/11/2006 4:11 PM 26.61 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\751EA137d01 2/11/2006 4:11 PM 27.15 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7524B4C5d01 2/11/2006 3:55 PM 18.66 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\76F3FEB7d01 2/11/2006 4:12 PM 18.59 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\76F8DDFEd01 2/11/2006 3:58 PM 22.11 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7BA09C1Bd01 2/11/2006 4:07 PM 30.24 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7C31278Fd01 2/11/2006 4:15 PM 20.41 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7E2296CEd01 2/11/2006 4:06 PM 34.44 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\7F5914BAd01 2/11/2006 4:03 PM 1002 bytes Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8010253Fd01 2/11/2006 4:18 PM 51.85 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\813F96D6d01 2/11/2006 4:04 PM 35.24 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8228BF78d01 2/11/2006 4:55 PM 29.17 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\822DAE88d01 2/11/2006 4:12 PM 32.10 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\84FA95D1d01 2/11/2006 4:04 PM 32.65 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\859CF594d01 2/11/2006 4:17 PM 149.33 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\85BBA191d01 2/11/2006 4:55 PM 68.33 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\86983B06d01 2/11/2006 3:30 AM 124.39 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\89B7AB30d01 2/11/2006 3:30 AM 437.25 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8A77A407d01 2/11/2006 4:13 PM 35.74 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8C6B96E7d01 2/11/2006 4:05 PM 37.60 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8C753BE5d01 2/11/2006 4:03 PM 4.63 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8E66C112d01 2/11/2006 4:55 PM 18.49 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\8E9B4C70d01 2/11/2006 3:56 PM 67.26 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\9A43C217d01 2/11/2006 4:21 PM 39.95 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\9AC4358Ad01 2/11/2006 3:31 AM 35.64 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\9D4196C7d01 2/11/2006 4:04 PM 40.60 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A3468791d01 2/11/2006 4:56 PM 56.37 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A46068B6d01 2/11/2006 3:50 PM 20.02 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A46A68B6d01 2/11/2006 3:50 PM 21.19 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A46C68B6d01 2/11/2006 3:50 PM 17.68 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A46E68B6d01 2/11/2006 3:50 PM 19.10 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47068B6d01 2/11/2006 3:50 PM 23.50 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47868B6d01 2/11/2006 3:50 PM 38.99 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47A68B6d01 2/11/2006 3:50 PM 29.71 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47C68B6d01 2/11/2006 3:50 PM 31.67 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A47E68B6d01 2/11/2006 3:50 PM 19.47 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A70B53CFd01 2/11/2006 3:31 AM 332.14 KB Visible in Windows API, but not in MFT or directory index. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A721C35Ad01 2/11/2006 4:55 PM 28.63 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A76742D5d01 2/11/2006 4:20 PM 72.54 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A8328391d01 2/11/2006 4:03 PM 4.39 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A8751342d01 2/11/2006 3:52 PM 41.75 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\A92096EAd01 2/11/2006 4:06 PM 38.17 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\AA159E88d01 2/11/2006 4:12 PM 17.39 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\AADF96E4d01 2/11/2006 4:05 PM 30.33 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B29B330Fd01 2/11/2006 3:57 PM 31.98 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B32479F7d01 2/11/2006 4:09 PM 55.50 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B52BD8F8d01 2/11/2006 3:49 PM 37.92 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B60896B5d01 2/11/2006 4:04 PM 40.41 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B73B6250d01 2/11/2006 4:13 PM 17.68 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B7CA86D5d01 2/11/2006 3:55 PM 43.85 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B8B79574d01 2/11/2006 4:55 PM 52.57 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B8E05796d01 2/11/2006 4:03 PM 67.36 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\B933C38Fd01 2/11/2006 4:03 PM 3.27 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\BAA196D1d01 2/11/2006 4:05 PM 32.31 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\BCBB0B3Cd01 2/11/2006 4:15 PM 19.40 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C140B95Ad01 2/11/2006 4:12 PM 18.80 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C26996EDd01 2/11/2006 4:04 PM 33.11 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C29396D0d01 2/11/2006 4:06 PM 37.34 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C30BA6B0d01 2/11/2006 4:04 PM 8.36 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C30BA6B1d01 2/11/2006 4:04 PM 9.82 KB Hidden from Windows API. C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\Cache\C30BA6B4d01

#7 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 11 February 2006 - 07:03 PM

And, here's the new Hijack this log s of 1 minute ago...

Logfile of HijackThis v1.99.1
Scan saved at 8:02:16 PM, on 2/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\gbpvr\GBPVRRecordingService.exe
C:\WINDOWS\runservice.exe
C:\Program Files\MacOpener\FORMATM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\My Downloads\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
N2 - Netscape 6: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Profiles\default\apvpctck.slt\prefs.js)
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB002" /M "Stylus CX4600"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [AccuWeatherDesktopAlerts] C:\Program Files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {1380F812-709B-4684-935B-84E447802AFF} (InstallerAX Class) - http://foxmovies.a.c...installerAX.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....sa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports....ommon/ieell.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://www.easports....py/iesnoopy.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1099665745687
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://213.98.2.231:...sCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) - http://www.rockefell...r/wg_webeye.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....sa/SymAData.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: GB-PVR Recording Service - - C:\Program Files\gbpvr\GBPVRRecordingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: MacFormatService - Unknown owner - C:\Program Files\MacOpener\FORMATM.EXE" /SERVICE (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#8 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 11 February 2006 - 07:12 PM

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download AproposFix from here:
http://swandog46.gee.../aproposfix.exe

Save it to your desktop but do NOT run it yet.

Then please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#9 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 11 February 2006 - 08:08 PM

Ok, here's the Apropos logfile... Any clue what's going on yet? Log of AproposFix v1.1 ************ Running from directory: C:\My Downloads\Aproposfix\aproposfix ************ Registry entries found: ************ No service found! Removing hidden folder: No folder found! Deleting files: Backing up files: Done! Removing registry entries: REGEDIT4 Done! Finished!

#10 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 11 February 2006 - 08:17 PM

If it's hidden, it hasn't shown it's ugly face yet.



Please download the trial version of ewido anti-malware 3.5 here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files. Do NOT run a scan yet.


Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Then please run Ewido, click on the Scanner run a full scan and let it clean everything it finds. Save the logfile from the scan.


Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

    Advertisements

Register to Remove


#11 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 11 February 2006 - 09:27 PM

Ewido seems to be running very slowly. Could that be because of Norton? Also, the PC can't even seem to start it up in Safe Mode. Shall I run it in normal mode?

#12 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 12 February 2006 - 05:46 AM

Shall I run it in normal mode?

It needs to be run in Safe Mode or it won't clean very well.
Try unplugging the the internet cable and try safe mode again. If that still doesn't work, go ahead in normal mode.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#13 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 12 February 2006 - 02:46 PM

Disconnecting the internet connection helped. Here's the Ewido log... --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 1:41:11 PM, 2/12/2006 + Report-Checksum: 5B24AE89 + Scan result: :mozilla.39:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup :mozilla.40:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup :mozilla.41:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup :mozilla.42:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup :mozilla.55:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.56:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.57:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.58:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.59:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.60:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.61:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.62:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.63:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.64:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.65:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.66:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.67:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.68:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.69:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.70:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.71:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.72:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.73:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.74:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.75:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.76:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.77:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.78:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.79:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.80:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.81:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.82:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.83:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.84:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.85:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.86:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.87:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.88:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.89:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.90:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.91:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.92:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.93:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.94:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.95:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.96:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.97:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.98:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.99:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.100:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.101:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.102:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.103:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.109:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.110:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.111:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.112:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.113:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.114:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.115:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.116:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.117:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.118:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.119:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.120:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.121:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.122:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.123:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.124:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.125:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.126:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.127:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.128:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.129:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.130:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.131:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup :mozilla.157:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.158:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.159:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.160:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.176:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.182:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup :mozilla.183:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup :mozilla.184:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup :mozilla.185:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.186:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.188:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.190:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.191:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.193:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.194:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.197:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.198:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.204:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.205:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.206:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.207:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.208:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.209:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.210:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.211:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.212:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.213:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.214:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.215:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.216:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.217:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.218:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.219:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.220:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.221:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.222:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.223:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.224:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.225:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.226:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.227:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.228:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.229:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.230:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.231:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.232:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.233:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.234:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.254:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup :mozilla.255:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup :mozilla.256:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup :mozilla.266:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.267:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.268:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.270:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup :mozilla.273:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.284:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.285:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.286:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.287:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.289:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.303:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.316:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.395:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup :mozilla.396:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup :mozilla.397:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup :mozilla.398:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup :mozilla.399:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup :mozilla.455:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup :mozilla.456:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup :mozilla.458:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.459:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.460:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.461:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.462:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.463:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.464:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.465:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.466:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.467:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.468:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.469:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.470:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.471:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.472:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.473:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.474:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.475:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.476:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.477:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.478:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.479:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.480:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.481:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.482:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.483:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.484:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.485:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.486:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.487:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.488:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.489:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.502:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.503:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.504:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.505:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.506:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.507:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.508:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.509:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.510:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.511:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.512:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.513:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.539:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.566:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.571:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.619:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.647:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.669:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup :mozilla.676:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup :mozilla.683:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup :mozilla.684:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup :mozilla.691:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.692:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.693:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.694:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.695:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.740:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.741:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.742:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.743:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.744:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.745:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.746:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.747:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.777:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.778:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.838:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup :mozilla.847:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup :mozilla.851:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup :mozilla.943:C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Firefox\Profiles\49vqybs8.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup C:\Documents and Settings\Phil Vasquez\Cookies\phil vasquez@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Phil Vasquez\Cookies\phil vasquez@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup C:\Documents and Settings\Phil Vasquez\Cookies\phil vasquez@e-2dj6wjny-1pczwe.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup C:\Documents and Settings\Phil Vasquez\Cookies\phil vasquez@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup C:\Documents and Settings\Phil Vasquez\Cookies\phil vasquez@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup C:\My Music\(PDA) Palm OS Software Over 100 Programs.zip/palmsoftware - downloads/vnc-3.3.3r2_x86_win32 - Access any PC off your PC!.zip/vnc_x86_win32/vncviewer/vncviewer.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Cleaned with backup :mozilla.42:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.87:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.88:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.89:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.90:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.91:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.92:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.93:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.133:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Zedo : Cleaned with backup -> : Error during cleaning :mozilla.135:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.143:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.222:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.223:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.224:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.339:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Tracking101 : Cleaned with backup :mozilla.342:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Enhance : Cleaned with backup :mozilla.437:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.438:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.439:C:\RECYCLER\NPROTECT\00000037.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.15:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.17:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.18:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.19:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.20:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.104:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.105:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.106:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.107:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.108:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.109:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.110:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.223:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.224:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.225:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.338:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Tracking101 : Cleaned with backup :mozilla.341:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Enhance : Cleaned with backup :mozilla.436:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.437:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.438:C:\RECYCLER\NPROTECT\00000038.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.18:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.19:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.20:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.21:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.22:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.23:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.104:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.105:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.106:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.107:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.108:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.109:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.110:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.223:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.224:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.225:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.338:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Tracking101 : Cleaned with backup :mozilla.341:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Enhance : Cleaned with backup :mozilla.436:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.437:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.438:C:\RECYCLER\NPROTECT\00000045.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.26:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.27:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.28:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.29:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.30:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.31:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.104:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.105:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.106:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.107:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.108:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.109:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.110:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.223:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.224:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.225:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.338:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Tracking101 : Cleaned with backup :mozilla.341:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Enhance : Cleaned with backup :mozilla.436:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.437:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.438:C:\RECYCLER\NPROTECT\00000046.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.6:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.7:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.8:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.9:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.10:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.11:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.104:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.105:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.106:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.107:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.108:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.109:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.110:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.223:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.224:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.225:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.338:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Tracking101 : Cleaned with backup :mozilla.341:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Enhance : Cleaned with backup :mozilla.436:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.437:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.438:C:\RECYCLER\NPROTECT\00000050.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.14:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.15:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.16:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.17:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.18:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.113:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.114:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.115:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.116:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.117:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.118:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.119:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.230:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.231:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.232:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Abcsearch : Cleaned with backup :mozilla.345:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Tracking101 : Cleaned with backup :mozilla.348:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Enhance : Cleaned with backup :mozilla.443:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.444:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.445:C:\RECYCLER\NPROTECT\00000052.MOZ -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.14:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.15:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.16:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.17:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Zedo : Cleaned with backup :mozilla.135:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.136:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.137:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.138:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.139:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.140:C:\RECYCLER\NPROTECT\00000055.MOZ -> TrackingCookie.Realcastmedia : Cleaned with backup :mozilla.141:C:\RECYCLE

#14 tinpanalley

tinpanalley

    Authentic Member

  • Authentic Member
  • PipPip
  • 189 posts

Posted 12 February 2006 - 02:47 PM

And the new Hijack this log...


Logfile of HijackThis v1.99.1
Scan saved at 3:46:35 PM, on 2/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\gbpvr\GBPVRRecordingService.exe
C:\WINDOWS\runservice.exe
C:\Program Files\MacOpener\FORMATM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\My Downloads\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
N2 - Netscape 6: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Phil Vasquez\Application Data\Mozilla\Profiles\default\apvpctck.slt\prefs.js)
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB002" /M "Stylus CX4600"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [AccuWeatherDesktopAlerts] C:\Program Files\AccuWeatherDesktopAlerts\AccuWeatherDesktopAlerts.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {1380F812-709B-4684-935B-84E447802AFF} (InstallerAX Class) - http://foxmovies.a.c...installerAX.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....sa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports....ommon/ieell.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://www.easports....py/iesnoopy.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1099665745687
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://213.98.2.231:...sCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) - http://www.rockefell...r/wg_webeye.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....sa/SymAData.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: GB-PVR Recording Service - - C:\Program Files\gbpvr\GBPVRRecordingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: MacFormatService - Unknown owner - C:\Program Files\MacOpener\FORMATM.EXE" /SERVICE (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#15 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 12 February 2006 - 03:03 PM

Those were all Cookies, so that wasn't a real problem.

We can get rid of the ones you don't need. The 016's will come back if needed next time you visit that site.


I suggest you do this:

Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a Check in the box on the left side on these:

O16 - DPF: {1380F812-709B-4684-935B-84E447802AFF} (InstallerAX Class) - http://foxmovies.a.c...installerAX.cab

O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports....ommon/ieell.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab

O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://www.easports....py/iesnoopy.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://213.98.2.231:...sCamControl.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab


Close ALL windows and browsers except HijackThis and click "Fix checked"


Open C:\Windows\Prefetch\ Delete ALL files in this folder.


Please download System Security Suite. Extract it from the zip file into a folder.
here.

Run 3S under “Items To Clear” tab place a checkmark in all of them but the last.

Reboot and Rescan with HJT and post a new log here.
Also please describe how your computer behaves now.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users