Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

please help with my HJT log...


  • This topic is locked This topic is locked
15 replies to this topic

#1 texasguy

texasguy

    New Member

  • New Member
  • Pip
  • 7 posts

Posted 06 April 2006 - 09:13 PM

I need some help with my log... My computer has gotten extremly slow... And I have no clue why... please help.

TexasGuy

Logfile of HijackThis v1.99.1
Scan saved at 9:06:18 PM, on 4/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Cox\Applications\app\Prism.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Joseph Bass\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://northeasttexas.cox.net/cci/home
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\AUserInit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: InfoDocReader Object - {295BA105-3506-4D25-B0DD-54346320BDC5} - C:\WINDOWS\system32\cbayv.dll
O2 - BHO: AuthBHO.cBHO - {A4D90779-6CB2-4752-83C2-A2AB4D9A672D} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O3 - Toolbar: Cox Popup Blocker - {64634180-B0EA-48B6-82B7-9620D33362C1} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security iGuard\Security iGuard.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [C:\WINDOWS\..\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe ] SBC Yahoo! Connection Manager
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [STDL] C:\WINDOWS\system32\stub.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [GTRipple] C:\Program Files\GTRipple\GTDesktop\Plugins\GTRipple.exe
O4 - HKCU\..\Run: [PVR] C:\Program Files\XemiComputers\Pocket Voice Recorder\PVR.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [SNInstall] C:\winstall.exe
O4 - Startup: Project1.lnk = C:\WINDOWS\system32\Stub.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony...ct/VaioInfo.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.69.25.47.79...650776OneCC.cab
O16 - DPF: {701DC9DC-ACD5-4E94-85E3-F3F1ED68611A} (CWebClientCtl Object) - http://download.palt...ebclientctl.cab
O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1} (Driver_Detective_v43_Non_Member.DD_v43) - http://www.drivershq..._Non_Member.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D1ACD2D8-7312-4D06-BECD-90EB094D2277} - http://mediaplayer.w...ler/install.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v6.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2918.cab
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\CDS300\__CDS2.dll (file missing)
O20 - Winlogon Notify: cbayv - C:\WINDOWS\system32\cbayv.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Curtains for Windows System Service (CurtainsSysSvc) - Authentium, Inc. - c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

    Advertisements

Register to Remove


#2 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 11 April 2006 - 04:56 PM

Hello texasguy, welcome to the TC Forum.


Download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES.
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will shutdown your computer, click OK.
  • Turn your computer back on.
Please download the trial version of ewido anti-malware 3.5 here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files. Do NOT run a scan yet.


Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Then please run Ewido, click on the Scanner run a full scan and let it clean everything it finds. Save the logfile from the scan.


While still in Safe Mode:

Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a Check in the box on the left side on these:

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com

O2 - BHO: InfoDocReader Object - {295BA105-3506-4D25-B0DD-54346320BDC5} - C:\WINDOWS\system32\cbayv.dll

O4 - HKLM\..\Run: [STDL] C:\WINDOWS\system32\stub.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe

O4 - HKCU\..\Run: [SNInstall] C:\winstall.exe

O4 - Startup: Project1.lnk = C:\WINDOWS\system32\Stub.exe

O20 - Winlogon Notify: cbayv - C:\WINDOWS\system32\cbayv.dll


Unless you or your administrator added these, fix also.
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present


Close ALL windows and browsers except HijackThis and click "Fix checked"



Delete these files if listed:
C:\WINDOWS\system32\stub.exe
C:\winstall.exe
C:\WINDOWS\system32\cbayv.dll



Open C:\Windows\Prefetch\ Delete ALL files in this folder.



Do this also if these Temp Folders are part of your OS.

Also in safe mode navigate to the C:\Windows\Temp folder. Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.


Next navigate to the C:\Documents and Settings\(EVERY LISTED PROFILE USER)\Local Settings\Temp folder. Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.

Finally go to Control Panel > Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files". Put a check by "Delete Offline Content" and click OK. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply

Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#3 texasguy

texasguy

    New Member

  • New Member
  • Pip
  • 7 posts

Posted 11 April 2006 - 09:33 PM

Ok... all of the above is done and here is are my logs.

Logfile of HijackThis v1.99.1
Scan saved at 9:25:35 PM, on 4/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Cox\Applications\app\Prism.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Joseph Bass\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://northeasttexas.cox.net/cci/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\AUserInit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AuthBHO.cBHO - {A4D90779-6CB2-4752-83C2-A2AB4D9A672D} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O3 - Toolbar: Cox Popup Blocker - {64634180-B0EA-48B6-82B7-9620D33362C1} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony...ct/VaioInfo.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.69.25.47.79...650776OneCC.cab
O16 - DPF: {701DC9DC-ACD5-4E94-85E3-F3F1ED68611A} (CWebClientCtl Object) - http://download.palt...ebclientctl.cab
O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1} (Driver_Detective_v43_Non_Member.DD_v43) - http://www.drivershq..._Non_Member.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D1ACD2D8-7312-4D06-BECD-90EB094D2277} - http://mediaplayer.w...ler/install.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v6.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2918.cab
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\CDS300\__CDS2.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Curtains for Windows System Service (CurtainsSysSvc) - Authentium, Inc. - c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 9:09:58 PM, 4/11/2006
+ Report-Checksum: 63FF5BEE

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{0619A956-9257-5FC3-5AF0-B50872BD2662} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0C486A9A-90AE-95F6-758D-9AE8676B4FF7} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0F196029-625A-85DB-F671-7D52D7B8235C} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{12F72849-7A03-E428-0E12-0915087880FF} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{12FC9565-4411-4ACB-2788-D1BE2B4072D6} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1C7E1FF1-5EAF-F4A9-CE65-C6783D1C38C7} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1D200653-3395-8F3E-CE6F-90DFC9291C6B} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1EF4B271-88F7-7FCA-14A5-1285B4CE846E} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1F55CFF8-CE36-B087-FA67-BC0E9AF6BCDA} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2536C943-1153-AD4C-300A-B4B7FF0DA8BA} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{255EA3F4-E1F4-1EAB-2B1C-7AD588C93F27} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{25745BCC-24CB-01C1-0FA1-DBFA7F8BDCF7} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2794F90A-2AC7-F33D-1A20-AA1991DFBC7D} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{27AB907C-8C71-0316-AAB8-F84D9E8EEADC} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{27B7B1C6-9CB4-0DCD-50C3-E8A0B4BD572C} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2AF50CC1-26BA-FEB7-E5AD-16A2F8E7D672} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2EE5241D-6041-2CDD-BE05-C4263150CE85} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{35A97E16-015F-25C6-446B-7F8EDA6A99B0} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{366B2B49-46A5-CC46-2F98-6DD344CC10DF} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3826F907-D196-5C74-07C0-C8EE713FE7DB} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3F5152F1-AC58-AADF-5C15-BA5CF036A8E9} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{41EADA53-9855-F5E4-A237-FA8F16993990} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{427DC0FE-1732-761D-24CD-41DBCD4FA0C4} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{43E76A8D-E0B1-618A-CF6F-AD2CFE938EC6} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{46034628-821C-05B4-C227-B5A0FC40FCAF} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{47C45AE3-D539-2D9E-497B-DCE949AA50B6} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{48785F27-22B3-8233-44D2-64CF0F0060B0} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4CD05B77-C677-4D01-5562-25BA68012376} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4FC6535C-9AC3-EDE2-C75D-FEB53871F199} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{504E4541-72B8-7FED-2346-675BD8F5509F} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5061A3C6-884B-9AB8-F5E1-55D04DEAF516} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{55DEE593-7909-3450-F015-41F3C20541E8} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5AEC6D87-81A5-CABA-02D9-FCDF82279EFC} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{618B75A2-344D-6234-758B-932CEA18F75B} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{61BF9567-4606-B8F2-4A15-3227A0E2E184} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6A699FC3-85E6-C9B8-BFFA-A00E8985B70A} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{713DFB11-F71F-94EF-894D-7F572DB1F1A5} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{741F449C-9060-015F-109F-D04403FDE843} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{74D26490-9E7F-905B-3BAA-08765509E086} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8BA8C35E-205B-6D84-9540-DED6DAD4A44C} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{94BD1A37-5653-88A2-1E65-7852D1BEE72F} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{994EDC92-397F-58C6-385D-C70C452D611A} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9D9CB61B-156B-3C2C-B9AB-BCB95AA0D47C} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9DA64550-DCB9-682E-DA45-CCF27DD7E954} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{AF2504CE-9FD2-4BFE-D073-D844B4100716} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B028772F-F7AE-A0D0-C7F2-9284558A6817} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B280B70B-64B0-0B30-6A07-D1CBCF4A5E67} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B480E132-6B04-9376-ADC7-AB7B793650C2} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B574619C-02B2-BAAF-B85E-64A3961AE959} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B86CB85B-1A6E-2E40-52CF-704D1A427D84} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B9C94100-F1C4-C7D9-3EEA-A3958B1DEEA0} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BD9CF1BA-C149-7FD6-0BF4-CE2A97CF0E4F} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CC0C0FBD-B1C7-CE95-1393-1BBFB2A894CB} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D1B77085-930D-7845-2B1E-10B33DE519D9} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D87A0FBB-86E1-A961-D4CD-331BD3168F91} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{daa873d4-958c-453c-81ca-3fe6f3676a87} -> Downloader.Fugif : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DFD60C9F-2B34-B4BD-B915-227AB606A962} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E57A8C9B-872F-8EF2-0664-534170970E96} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E655DD60-AB14-D8EA-6258-0B4A7FC5B627} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EA0DBEF3-D854-011A-6794-0E147DB05646} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EBC21DD1-18C4-74D7-C935-89E653731491} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EE095897-CF57-F9F1-0CB8-85D815B6038C} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F5E678D4-39B4-DBD3-3D03-5CE4D3E7398A} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\STLinks.STLinksCtrl -> Adware.QuickMetaSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\STLinks.STLinksCtrl\CurVer -> Adware.QuickMetaSearch : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.399:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.468:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.469:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.470:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.471:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.506:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.507:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.508:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.509:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.510:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.513:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.514:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.516:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.517:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.518:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.519:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.520:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.521:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.522:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.523:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.525:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.526:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.527:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.528:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.529:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.547:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.548:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.559:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.568:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.569:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.570:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.571:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.572:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.863:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.882:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.883:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.884:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.885:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.886:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.887:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Firefox\Profiles\pilgvcqp.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Joseph Bass\Application Data\Mozilla\Profiles\default\dael463x.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Joseph Bass\Cookies\joseph bass@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Joseph Bass\Cookies\joseph bass@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Joseph Bass\Cookies\joseph bass@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Joseph Bass\Cookies\joseph bass@e-2dj6wjkyoicjilo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Joseph Bass\Cookies\joseph bass@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Joseph Bass\Cookies\joseph bass@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Program Files\STLinks\STLinks2.dll -> Adware.MetaSearch : Cleaned with backup
C:\WINDOWS\appki32.ex$ -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup
C:\WINDOWS\javagc.ex$ -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javakv32.ex$ -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msuh32.ex$ -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crqr32.ex$ -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\urqno.dll -> Adware.Virtumonde : Cleaned with backup
C:\WINDOWS\system32\wυauclt.exe -> Adware.PurityScan : Cleaned with backup
C:\WINDOWS\_default.pif:heedk -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:huvcc -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:icfph -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:igqgm -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:iirux -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:ijmzy -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:ikbsc -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:ipfyf -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:jachz -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:jhuri -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:jmtsd -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:jwelp -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:kemge -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:kgvec -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:kmixl -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:kmuoe -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:kqwif -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:ljylf -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:llhex -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:lmttk -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:lvikh -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:meobk -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:miypy -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:mmwej -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:mmxmr -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:mspvs -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:murmf -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:mwjnk -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:mxdzm -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:nlmcd -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:npfki -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:nqruq -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:nwzfj -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:nyuoz -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:ojvde -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:oorax -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:ovfzw -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:ovnko -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:pypus -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:pysmw -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:qgckt -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:qldbc -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:qrusj -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:qrzhz -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:quici -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:qwqdn -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:qycek -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:rawtf -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:rflmc -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:ruptv -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:rveol -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:rxxix -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:snens -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:soshi -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:sqeov -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:sqwri -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:sttlb -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:tcbzh -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:tdjfb -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:tfntp -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:tkfkl -> Downloader.Agent.ap : Cleaned with backup


::Report End

#4 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 12 April 2006 - 02:26 PM

Please download ATF Cleaner by Atribune.
Download - ATF Cleaner»
This program is for XP and Windows 2000 only
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Reboot and "copy/paste" a new HijackThis log file into this thread.

Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#5 texasguy

texasguy

    New Member

  • New Member
  • Pip
  • 7 posts

Posted 13 April 2006 - 02:33 PM

1st off, thank you for all your help so far. As of now, my computer is running somewhat better. It is still somewhat sluggish. The speed hasn't gotten much better. I have noticed a decrease in the amount of pop-ups, and my anti-virus is not detecting viruses like it was. Here is the most recent hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 2:23:22 PM, on 4/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Cox\Applications\app\Prism.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Joseph Bass\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://northeasttexas.cox.net/cci/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\AUserInit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AuthBHO.cBHO - {A4D90779-6CB2-4752-83C2-A2AB4D9A672D} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O3 - Toolbar: Cox Popup Blocker - {64634180-B0EA-48B6-82B7-9620D33362C1} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony...ct/VaioInfo.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.69.25.47.79...650776OneCC.cab
O16 - DPF: {701DC9DC-ACD5-4E94-85E3-F3F1ED68611A} (CWebClientCtl Object) - http://download.palt...ebclientctl.cab
O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1} (Driver_Detective_v43_Non_Member.DD_v43) - http://www.drivershq..._Non_Member.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D1ACD2D8-7312-4D06-BECD-90EB094D2277} - http://mediaplayer.w...ler/install.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v6.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2918.cab
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\CDS300\__CDS2.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Curtains for Windows System Service (CurtainsSysSvc) - Authentium, Inc. - c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#6 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 13 April 2006 - 02:52 PM

lets see if this will help speed it up.

Backup your Registry...
- Press "CTRL - ALT - DEL" keys all at the same time to start "Task Manager"
- In the Task Manager window click on "File", then from the drop-down menu select "New Task (Run...)"
- In the "Create New Task" window enter\type "regedit" (without quotes)
- Once Regedit opens click on the FILE menu and select Export
- Save the file as backup. Save the file somewhere you will remember and not delete.
IMPORTANT: make sure to set the export range to ALL



I recommend you download RegSeeker. Extract it to it's own folder, open and double click RegSeeker.exe to start the program. Maximize the window and click clean registry. Check all sections and click OK. When the scan is complete, verify the backup box in lower left corner is checked and click the select all button, then select all again. Then right click within the search results and select delete. Run it again and again, deleting everything it finds until it finds nothing. Reboot and make sure your programs are working properly, control panel and add/remove programs windows open, etc (basically just do a quick check of everything). In the event anything was 'broken', you can open RegSeeker, click backups and double click any/all files to put the information back. A reboot may be required for the effects to be seen. Reboot When done.

NOTE: To be extra safe you can choose to only remove the items in RED.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#7 texasguy

texasguy

    New Member

  • New Member
  • Pip
  • 7 posts

Posted 13 April 2006 - 09:27 PM

Things are considerably better. Still not awesome... but much better. Are these tools that we have used something that I can use periodically to clean things up? Another problem that I have is that the Windows security alert keep saying that I do not have a virus protection program turned on. But I am using zone alarm and it seems to be working. I was using the cox security suite, and that is what seemed to cause some of my problems.. any advice???

#8 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 14 April 2006 - 05:36 AM

Lets see a new HJT log please.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#9 texasguy

texasguy

    New Member

  • New Member
  • Pip
  • 7 posts

Posted 14 April 2006 - 04:33 PM

Logfile of HijackThis v1.99.1
Scan saved at 4:26:22 PM, on 4/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Cox\Applications\app\Prism.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Joseph Bass\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://northeasttexas.cox.net/cci/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\AUserInit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AuthBHO.cBHO - {A4D90779-6CB2-4752-83C2-A2AB4D9A672D} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O3 - Toolbar: Cox Popup Blocker - {64634180-B0EA-48B6-82B7-9620D33362C1} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony...ct/VaioInfo.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.69.25.47.79...650776OneCC.cab
O16 - DPF: {701DC9DC-ACD5-4E94-85E3-F3F1ED68611A} (CWebClientCtl Object) - http://download.palt...ebclientctl.cab
O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1} (Driver_Detective_v43_Non_Member.DD_v43) - http://www.drivershq..._Non_Member.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D1ACD2D8-7312-4D06-BECD-90EB094D2277} - http://mediaplayer.w...ler/install.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.game...aploader_v6.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2918.cab
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - (no file)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Curtains for Windows System Service (CurtainsSysSvc) - Authentium, Inc. - c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#10 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 16 April 2006 - 12:17 PM

C:\Program Files\Eset\nod32krn.exe That should be your antivirus program that is running. Did you disable it?

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

    Advertisements

Register to Remove


#11 texasguy

texasguy

    New Member

  • New Member
  • Pip
  • 7 posts

Posted 16 April 2006 - 02:37 PM

not that i know of. as far as I know the only anti-virus programs on my computer are the Zone Alarm and the Cox Secutiry Suite. The Cox should be disabled, but the firewall for it should still be enabled. But the Zone alarm is fully enabled.

#12 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 16 April 2006 - 02:45 PM

This is a anti-virus program.

C:\Program Files\Eset\nod32krn.exe
Name Status Filename Description
NOD32kernel Y Nod32krn.exe Nod32 Antivirus

Are you sure your Zone Alarm version is the one that has anti-virus as well?

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#13 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 16 April 2006 - 03:12 PM

To turn off Security Center alerts 1. Click Start and then click Control Panel. 2. Double-click Security Center. 3. In the Security Center, under Resources, click Change the way Security Center alerts me. 4. In the Alert Settings dialog box, clear the Firewall, Automatic Updates, or Virus Protection check boxes, and then click OK. When you use this procedure, the Security Center still displays your status, but does not send you alerts.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#14 texasguy

texasguy

    New Member

  • New Member
  • Pip
  • 7 posts

Posted 19 April 2006 - 09:56 AM

Do you see anything else in my log that can be deleted.

Logfile of HijackThis v1.99.1
Scan saved at 9:49:06 AM, on 4/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Cox\Applications\app\Prism.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Joseph Bass\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://northeasttexas.cox.net/cci/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\AUserInit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AuthBHO.cBHO - {A4D90779-6CB2-4752-83C2-A2AB4D9A672D} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O3 - Toolbar: Cox Popup Blocker - {64634180-B0EA-48B6-82B7-9620D33362C1} - C:\Program Files\Cox\Applications\app\AuthBHO.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\Msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony...ct/VaioInfo.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.69.25.47.79...650776OneCC.cab
O16 - DPF: {701DC9DC-ACD5-4E94-85E3-F3F1ED68611A} (CWebClientCtl Object) - http://download.palt...ebclientctl.cab
O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1} (Driver_Detective_v43_Non_Member.DD_v43) - http://www.drivershq..._Non_Member.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D1ACD2D8-7312-4D06-BECD-90EB094D2277} - http://mediaplayer.w...ler/install.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.game...aploader_v6.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2918.cab
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - (no file)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Curtains for Windows System Service (CurtainsSysSvc) - Authentium, Inc. - c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#15 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 19 April 2006 - 03:06 PM

These aren't bad, but aren't needed at startup.

Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a Check in the box on the left side on these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O16 - DPF: {D1ACD2D8-7312-4D06-BECD-90EB094D2277} - http://mediaplayer.w...ler/install.cab


Close ALL windows and browsers except HijackThis and click "Fix checked"


Empty Recycle Bin

Reboot and "copy/paste" a new HijackThis log file into this thread.

Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users