Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Slow Computer: Request Assistance

Started by penpourri , Jan 22 2006 07:49 PM

  • This topic is locked This topic is locked
22 replies to this topic

#1 penpourri

penpourri

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 22 January 2006 - 07:49 PM

I have been reading various threads for a little while now and decided to post with my own problem. My computer is running very slow, particularly when first logging in to Windows, opening new programs like Word, Excel, using Windows Explorer, etc. The problem started when I recently moved my computer from an apartment to my new house and I had to re-install Adelphia high-speed-Internet with supportsoft software. Nothing else had changed. When running slow, the computer is accessing the hard disk in "batches", about once every 1-2 seconds.

I have done the usual things as per this forum: increased swap space, cleaned up computer with Spybot, Adaware, Spyware Guard, Spyware Blaster, plus I have Norton Internet Security with Antivirus which I keep up to date.

I'm not sure if this could be a mal-ware problem or some other type of problem. I did have a problem with a USB port expander PCI card which I removed from my machine, and I still seem to have some problem with on-board USB ports.

I have provided my HiJackThis log below in an attempt to rule in/out a malware problem. Any advice or assistance would be appreciated. Would rather not have to re-format and reinstall Windows XP.

Thanks,
- PenPourri

----------------------------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 8:24:33 PM, on 1/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\system32\SK6200dm.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\SealedMedia\sealmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\TEMP\SpyWare\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.adelphia.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {DC3DDE18-6C66-45F4-A547-EC7B24E8225E} - (no file)
O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Hot Key Kbd 2690 Daemon] SK6200dm.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [sealmon] C:\Program Files\SealedMedia\sealmon.exe
O4 - HKCU\..\Run: [TaskTray] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: iM StartCenter.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1108822299430
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {87067F04-DE4C-4688-BC3C-4FCF39D609E7} - http://download.webs...38/QDow_AS2.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://67.133.209.14...sCamControl.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalci...illama/ampx.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    Advertisements

Register to Remove

#2 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 28 January 2006 - 02:39 PM

You are running HJT from a temporary file we will be cleaning out all of you temp. files latter you will need to make a new folder for HijackThis. Instructions can be found here.

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

O2 - BHO: (no name) - {DC3DDE18-6C66-45F4-A547-EC7B24E8225E} - (no file)
O16 - DPF: {87067F04-DE4C-4688-BC3C-4FCF39D609E7} - http://download.webs...38/QDow_AS2.cab

Click on Fix Checked when finished and exit HijackThis.

Post back a fresh HijackThis log and we will take another look.
Also let me know how it is running.
Posted Image
My Website
ATF Cleaner for removing temporary files
HijackThis download
Donations to this site

#3 penpourri

penpourri

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 28 January 2006 - 04:26 PM

OK, fixed the two items as indicated, and ran a fresh HJT log shown below.

Computer is still running slow right-clicking on files in explorer, opening application programs such as Word, etc.

Logfile of HijackThis v1.99.1
Scan saved at 5:11:52 PM, on 1/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\system32\SK6200dm.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\SealedMedia\sealmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\msys\1.0\bin\sh.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HiJackThis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.adelphia.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Hot Key Kbd 2690 Daemon] SK6200dm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [sealmon] C:\Program Files\SealedMedia\sealmon.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [TaskTray] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1108822299430
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://67.133.209.14...sCamControl.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalci...illama/ampx.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

#4 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 28 January 2006 - 06:51 PM

I see that you are running msconfig in /auto mode which means that you may have selectively removed some items in the past from the startup procedure. This can be bad if they are malware, so we would like you to reenable those startup entries by doing the following: Please click on start, then run, and type msconfig and then press enter. When the window opens click on the startup tab and make sure there are checkmarks in every entry. Then press ok until you are out of the program. If it asks to reboot, do not reboot. Now please create a new Hijackthis Log and post it as a reply.
Posted Image
My Website
ATF Cleaner for removing temporary files
HijackThis download
Donations to this site

#5 penpourri

penpourri

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 28 January 2006 - 08:53 PM

OK, took care of the msconfig startup entries. New HJT log below. When starting a new program such as HJT, computer sounds like it's swapping or writing to disk in batches every 1-2 seconds.

Logfile of HijackThis v1.99.1
Scan saved at 9:47:57 PM, on 1/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\system32\SK6200dm.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\SealedMedia\sealmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\msys\1.0\bin\sh.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.adelphia.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Hot Key Kbd 2690 Daemon] SK6200dm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [sealmon] C:\Program Files\SealedMedia\sealmon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [TaskTray] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: iM StartCenter.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1108822299430
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://67.133.209.14...sCamControl.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalci...illama/ampx.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

#6 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 28 January 2006 - 11:00 PM

Lets see if this finds anything download Ewido Security Suite it is a trial version of the program.
  • Install ewido security suite
  • Launch ewido, there should be an icon on your desktop double-click it.
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Then click on Start Update
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido.
Ewido manual updates

Once the updates are installed do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • During some scans with ewido it is finding cases of false positives.
  • You will need to step through the process of cleaning files one-by-one.
  • If ewido detects a file you KNOW to be legitimate, select none as the action.
  • DO NOT select "Perform action on all infections"
  • If you are unsure of any entry found select none for now.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
Click Save report.
Save the report .txt file to your desktop.
Now close ewido security suite and post the results here.
Posted Image
My Website
ATF Cleaner for removing temporary files
HijackThis download
Donations to this site

#7 penpourri

penpourri

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 30 January 2006 - 06:44 AM

OK, I finished the Ewido security scan. It found a lot of possible problems and I posted the log below. I didn't fix any of the problems this first time through as I didn't want to "fix" a false positive. I can re-scan with Ewido and remove any or all of these problems. Here's the Ewido log: --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 8:02:56 PM, 1/29/2006 + Report-Checksum: 3F2EFA06 + Scan result: HKLM\SOFTWARE\180solutions -> Spyware.180Solutions : Ignored HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\AUI -> Spyware.WebSearch : Ignored HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000020DD-C72E-4113-AF77-DD56626C6C42} -> Spyware.TwainTech : Ignored HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D60FF48-95BE-4956-B4C6-6BB168A70310} -> Spyware.KeenValue : Ignored HKU\S-1-5-21-1123561945-1580818891-1060284298-1004\Software\Microsoft\Internet Explorer\Explorer Bars\{90C61707-C8F8-43DB-A25C-C1F4B18EE41E} -> Spyware.CometCursor : Ignored HKU\S-1-5-21-1123561945-1580818891-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000020DD-C72E-4113-AF77-DD56626C6C42} -> Spyware.TwainTech : Ignored HKU\S-1-5-21-1123561945-1580818891-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D60FF48-95BE-4956-B4C6-6BB168A70310} -> Spyware.KeenValue : Ignored HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000020DD-C72E-4113-AF77-DD56626C6C42} -> Spyware.TwainTech : Ignored HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D60FF48-95BE-4956-B4C6-6BB168A70310} -> Spyware.KeenValue : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@as-us.falkag[2].txt -> Spyware.Cookie.Falkag : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@bilbo.counted[2].txt -> Spyware.Cookie.Counted : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@burstnet[1].txt -> Spyware.Cookie.Burstnet : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@centrport[1].txt -> Spyware.Cookie.Centrport : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@com[2].txt -> Spyware.Cookie.Com : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@fastclick[2].txt -> Spyware.Cookie.Fastclick : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@freewebpage.com.19522.fb.dbbsrv[1].txt -> Spyware.Cookie.Dbbsrv : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@media.fastclick[1].txt -> Spyware.Cookie.Fastclick : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@revenue[1].txt -> Spyware.Cookie.Revenue : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@statcounter[1].txt -> Spyware.Cookie.Statcounter : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Ignored C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@www.myaffiliateprogram[1].txt -> Spyware.Cookie.Myaffiliateprogram : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@112.2o7[2].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@122.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@a-1shz2prbmdj6wvny-1sez2pra2dj6wjk4kkdzmeoa-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@a-1shz2prbmdj6wvny-1sez2pra2dj6wjnyqoazsdow-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@ad.adocean[1].txt -> Spyware.Cookie.Adocean : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@adopt.euroclick[2].txt -> Spyware.Cookie.Euroclick : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@adorigin[2].txt -> Spyware.Cookie.Adorigin : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@adtrak[1].txt -> Spyware.Cookie.Adtrak : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@affiliates.x10[2].txt -> Spyware.Cookie.X10 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@blindscom.122.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@burstnet[1].txt -> Spyware.Cookie.Burstnet : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@buycom.122.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@com[2].txt -> Spyware.Cookie.Com : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@cz3.clickzs[2].txt -> Spyware.Cookie.Clickzs : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@cz5.clickzs[2].txt -> Spyware.Cookie.Clickzs : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@data2.perf.overture[1].txt -> Spyware.Cookie.Overture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4ekazkkq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4gpcjelo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4qmdpgfp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4sndzafo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4whcpsdp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4wodjmcq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkiqjdpcbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkiqodpwlo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkiwnazwho.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkoajcjwgq.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkoghczsdp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkowkdpklp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkyendpsfq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfliujajcbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfloanc5sfo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfloapcjwlp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfmiknc5cap.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfmisodpmgo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkiagajiko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkiepdzwfq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkikhdzohp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkikodpkbo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkiwodjggp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4clcjgco.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4epdzeho.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4gndpklo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4kpdjslp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4ogc5odp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4ogdzieo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4qidzaap.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkoejdpsbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkoknc5alo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkokodpibq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkokpazwao.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkoqpd5aap.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkyand5abp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkyciazalp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkycpcpidq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkykkdzolp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkyqidjgcq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkyukcjaeo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjl4ugdpscq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjl4upajmfp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjl4whajwlq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjlisgd5cbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjliwndzwdp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloanajgcp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjlocicjghp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloencjwgp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloghcjwaq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloumc5ikq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjlyakajidp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjlyondpgap.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmiaic5ofo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmieocjglo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmiohd5aeo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmiwkcpceq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmycgdzidq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmyehcjwkp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmyoiajslp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmywgc5iko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1jczaa.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1kazwk.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1kc5wf.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1odzmb.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1pcpkc.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyald5wbq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyapcpmlp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnycldpedo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyemcjifo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnygpczabq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyqgdjkko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyqoazgkq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnysidzwfq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyumc5ebo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@ford.112.2o7[2].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@free.wegcash[2].txt -> Spyware.Cookie.Wegcash : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@gde.adocean[2].txt -> Spyware.Cookie.Adocean : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@hypertracker[2].txt -> Spyware.Cookie.Hypertracker : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@ivwbox[2].txt -> Spyware.Cookie.Ivwbox : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@marthastewart.122.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@microsoftwga.112.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@polo.112.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@programs.wegcash[2].txt -> Spyware.Cookie.Wegcash : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@saksfifthavenue.122.2o7[2].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@sales.liveperson[2].txt -> Spyware.Cookie.Liveperson : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@vip.clickzs[2].txt -> Spyware.Cookie.Clickzs : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@www.burstbeacon[1].txt -> Spyware.Cookie.Burstbeacon : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@www.cj[1].txt -> Spyware.Cookie.Cj : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@www.myaffiliateprogram[1].txt -> Spyware.Cookie.Myaffiliateprogram : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkoklc5cdqqwdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkywlajwbpwsdj6x9ny-1seq-2-2.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wfliqhazcdqawdj6x9ny-1seq-2-2.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkyupczmhpgsdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl4ugdzsbpw2dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlykhajadqqydj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmiglajkkpawdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyojdzmbqa2dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Ignored C:\Documents and Settings\John Beggs\Cookies\john beggs@zdnet.com[1].txt -> Spyware.Cookie.Com : Ignored C:\Documents and Settings\John Beggs\Local Settings\Temp\Cookies\john beggs@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Ignored C:\Documents and Settings\John Beggs\Local Settings\Temp\Cookies\john beggs@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\John Beggs\Local Settings\Temp\Cookies\john beggs@com[2].txt -> Spyware.Cookie.Com : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@2o7[2].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@advertising[1].txt -> Spyware.Cookie.Advertising : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@atdmt[2].txt -> Spyware.Cookie.Atdmt : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@edge.ru4[2].txt -> Spyware.Cookie.Ru4 : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@msnportal.112.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@statcounter[1].txt -> Spyware.Cookie.Statcounter : Ignored C:\Documents and Settings\Rachel Beggs\Cookies\rachel beggs@advertising[2].txt -> Spyware.Cookie.Advertising : Ignored C:\Program Files\WebSavingsfromEbates -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\ApplicationData -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\ApplicationData\John Beggs -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\ApplicationData\John Beggs\data_ebws400.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\ApplicationData\John Beggs\data_excludes_ebws400.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\ApplicationData\merchants.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\ApplicationData\systemdata.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\ApplicationData\systemdata1.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\ApplicationData\updates.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\Applications -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\Applications\cmpck.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\Applications\mercj351.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\Applications\psid412.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\Applications\sunclass.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\Applications\sunclassupdates.dls -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Code -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Code\o.class -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Code\z.class -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Html -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Images -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\MTemp -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\MTemp\logfile.txt -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\System -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Temp -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Temp\dump.txt -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Temp\ebws400_script0.htm -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Temp\ebws400_script0_wo.htm -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Temp\pref400a.htm -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Temp\pref400a_wo.htm -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Temp\spec400a.htm -> Adware.MoneyMaker : Ignored C:\Program Files\WebSavingsfromEbates\System\Temp\spec400a_wo.htm -> Adware.MoneyMaker : Ignored C:\WINDOWS\bsx32 -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\ADBN1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\ADBN2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\ADVC5.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\ADVCTX2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\ASIWS3.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\AUTOS1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\AUTOS2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\BID1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\BingoRoom1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\CARD2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\CARS3.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\CASH2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\DATE3.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\DATE4.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\DEBT1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\DENT1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\EML1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\FAST1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\FINC3.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\FINC4.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\FINC5.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\FLWR1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\FMND1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\HEAL4.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\HEAL5.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\HEBE1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\HEBE2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\HERBS1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\HOGAR1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\HOGAR2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\HOMES3.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\INK1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\INSUR4.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\JOBS3.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\JOBS4.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\MORT2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\MORT3.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\MOVS1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\MOVS2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\NEWS1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\NEWS2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\OPPR2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\SHOP1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\SHOP2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\SPZ3.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\TECH1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\TECH2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\TMP1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\TRVL2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\TRVL5.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\TV1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\UTONE1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\UTONE2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\VENUE1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\WOMEN1.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\WOMEN2.bsx -> Spyware.BookedSpace : Ignored C:\WINDOWS\bsx32\XTFL2.bsx -> Spyware.BookedSpace : Ignored ::Report End

#8 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 30 January 2006 - 09:43 AM

C:\WINDOWS\bsx32\VENUE1.bsx -> Spyware.BookedSpace : Ignored
C:\WINDOWS\bsx32\WOMEN1.bsx -> Spyware.BookedSpace : Ignored
C:\WINDOWS\bsx32\WOMEN2.bsx -> Spyware.BookedSpace : Ignored


You must let ewido fix them.
Posted Image
My Website
ATF Cleaner for removing temporary files
HijackThis download
Donations to this site

#9 penpourri

penpourri

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 31 January 2006 - 05:08 AM

OK, I re-ran the Ewido Security Suite and I fixed the problems it found. The report is included below. The computer is still laboring and swapping to disk when opening applications. --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 11:08:53 PM, 1/30/2006 + Report-Checksum: 70718A08 + Scan result: HKLM\SOFTWARE\180solutions -> Spyware.180Solutions : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\AUI -> Spyware.WebSearch : Cleaned with backup HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000020DD-C72E-4113-AF77-DD56626C6C42} -> Spyware.TwainTech : Cleaned with backup HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D60FF48-95BE-4956-B4C6-6BB168A70310} -> Spyware.KeenValue : Cleaned with backup HKU\S-1-5-21-1123561945-1580818891-1060284298-1004\Software\Microsoft\Internet Explorer\Explorer Bars\{90C61707-C8F8-43DB-A25C-C1F4B18EE41E} -> Spyware.CometCursor : Cleaned with backup HKU\S-1-5-21-1123561945-1580818891-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000020DD-C72E-4113-AF77-DD56626C6C42} -> Spyware.TwainTech : Cleaned with backup HKU\S-1-5-21-1123561945-1580818891-1060284298-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D60FF48-95BE-4956-B4C6-6BB168A70310} -> Spyware.KeenValue : Cleaned with backup HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000020DD-C72E-4113-AF77-DD56626C6C42} -> Spyware.TwainTech : Cleaned with backup HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D60FF48-95BE-4956-B4C6-6BB168A70310} -> Spyware.KeenValue : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@as-us.falkag[2].txt -> Spyware.Cookie.Falkag : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@bilbo.counted[2].txt -> Spyware.Cookie.Counted : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@centrport[1].txt -> Spyware.Cookie.Centrport : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@freewebpage.com.19522.fb.dbbsrv[1].txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@media.fastclick[1].txt -> Spyware.Cookie.Fastclick : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@revenue[1].txt -> Spyware.Cookie.Revenue : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup C:\Documents and Settings\Andrew Beggs\Cookies\andrew beggs@www.myaffiliateprogram[1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@112.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@a-1shz2prbmdj6wvny-1sez2pra2dj6wjk4kkdzmeoa-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@a-1shz2prbmdj6wvny-1sez2pra2dj6wjnyqoazsdow-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@ad.adocean[1].txt -> Spyware.Cookie.Adocean : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@adopt.euroclick[2].txt -> Spyware.Cookie.Euroclick : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@adorigin[2].txt -> Spyware.Cookie.Adorigin : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@adtrak[1].txt -> Spyware.Cookie.Adtrak : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@affiliates.x10[2].txt -> Spyware.Cookie.X10 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@blindscom.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@buycom.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@cz3.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@cz5.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@data2.perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4ekazkkq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4gpcjelo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4qmdpgfp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4sndzafo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4whcpsdp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfk4wodjmcq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkiqjdpcbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkiqodpwlo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkiwnazwho.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkoajcjwgq.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkoghczsdp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkowkdpklp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfkyendpsfq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfliujajcbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfloanc5sfo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfloapcjwlp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfmiknc5cap.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wfmisodpmgo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkiagajiko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkiepdzwfq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkikhdzohp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkikodpkbo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wgkiwodjggp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4clcjgco.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4epdzeho.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4gndpklo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4kpdjslp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4ogc5odp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4ogdzieo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjk4qidzaap.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkoejdpsbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkoknc5alo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkokodpibq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkokpazwao.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkoqpd5aap.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkyand5abp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkyciazalp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkycpcpidq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkykkdzolp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkyqidjgcq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjkyukcjaeo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjl4ugdpscq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjl4upajmfp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjl4whajwlq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjlisgd5cbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjliwndzwdp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloanajgcp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjlocicjghp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloencjwgp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloendjagq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloghcjwaq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjloumc5ikq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjlyakajidp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjlyondpgap.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmiaic5ofo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmieocjglo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmiohd5aeo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmiwkcpceq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmycgdzidq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmyehcjwkp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmygmcpmco.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmyoiajslp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjmywgc5iko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1jczaa.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1kazwk.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1kc5wf.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1odzmb.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjny-1pcpkc.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyald5wbq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyapcpmlp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnycldpedo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyemcjifo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnygpczabq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyqgdjkko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyqoazgkq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnysidzwfq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@e-2dj6wjnyumc5ebo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@ford.112.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@free.wegcash[2].txt -> Spyware.Cookie.Wegcash : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@gde.adocean[2].txt -> Spyware.Cookie.Adocean : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@hypertracker[2].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@ivwbox[2].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@marthastewart.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@microsoftwga.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@polo.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@programs.wegcash[2].txt -> Spyware.Cookie.Wegcash : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@saksfifthavenue.122.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@sales.liveperson[2].txt -> Spyware.Cookie.Liveperson : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@vip.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@www.burstbeacon[1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@www.cj[1].txt -> Spyware.Cookie.Cj : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@www.myaffiliateprogram[1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkoklc5cdqqwdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkywlajwbpwsdj6x9ny-1seq-2-2.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wfliqhazcdqawdj6x9ny-1seq-2-2.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkyupczmhpgsdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl4ugdzsbpw2dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlykhajadqqydj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmiglajkkpawdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyojdzmbqa2dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\John Beggs\Cookies\john beggs@zdnet.com[1].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\John Beggs\Local Settings\Temp\Cookies\john beggs@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup C:\Documents and Settings\John Beggs\Local Settings\Temp\Cookies\john beggs@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\John Beggs\Local Settings\Temp\Cookies\john beggs@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@edge.ru4[2].txt -> Spyware.Cookie.Ru4 : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@msnportal.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\Lisa Beggs\Cookies\lisa beggs@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup C:\Documents and Settings\Rachel Beggs\Cookies\rachel beggs@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup C:\Program Files\WebSavingsfromEbates -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\John Beggs -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\John Beggs\data_ebws400.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\John Beggs\data_excludes_ebws400.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\merchants.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\systemdata.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\systemdata1.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\updates.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications\cmpck.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications\mercj351.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications\psid412.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications\sunclass.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications\sunclassupdates.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Code -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Code\o.class -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Code\z.class -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Html -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Images -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\MTemp -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\MTemp\logfile.txt -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\System -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp\dump.txt -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp\ebws400_script0.htm -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp\ebws400_script0_wo.htm -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp\pref400a.htm -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp\pref400a_wo.htm -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp\spec400a.htm -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp\spec400a_wo.htm -> Adware.MoneyMaker : Cleaned with backup C:\WINDOWS\bsx32 -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\ADBN1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\ADBN2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\ADVC5.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\ADVCTX2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\ASIWS3.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\AUTOS1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\AUTOS2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\BID1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\BingoRoom1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\CARD2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\CARS3.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\CASH2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\DATE3.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\DATE4.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\DEBT1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\DENT1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\EML1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\FAST1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\FINC3.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\FINC4.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\FINC5.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\FLWR1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\FMND1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\HEAL4.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\HEAL5.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\HEBE1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\HEBE2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\HERBS1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\HOGAR1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\HOGAR2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\HOMES3.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\INK1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\INSUR4.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\JOBS3.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\JOBS4.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\MORT2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\MORT3.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\MOVS1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\MOVS2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\NEWS1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\NEWS2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\OPPR2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\SHOP1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\SHOP2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\SPZ3.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\TECH1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\TECH2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\TMP1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\TRVL2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\TRVL5.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\TV1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\UTONE1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\UTONE2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\VENUE1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\WOMEN1.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\WOMEN2.bsx -> Spyware.BookedSpace : Cleaned with backup C:\WINDOWS\bsx32\XTFL2.bsx -> Spyware.BookedSpace : Cleaned with backup ::Report End

#10 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 31 January 2006 - 08:41 AM

Can you post another log from hijackthis?
Posted Image
My Website
ATF Cleaner for removing temporary files
HijackThis download
Donations to this site

    Advertisements

Register to Remove

#11 penpourri

penpourri

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 31 January 2006 - 07:51 PM

Yes, re-ran HJT and here's the latest log:

Logfile of HijackThis v1.99.1
Scan saved at 8:35:20 PM, on 1/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SK6200dm.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\SealedMedia\sealmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\SecuritySuite.exe
C:\WINDOWS\System32\macromed\flash\GetFlash.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.adelphia.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRA~1\PopUpCop\PopUpCop.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Hot Key Kbd 2690 Daemon] SK6200dm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [sealmon] C:\Program Files\SealedMedia\sealmon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [TaskTray] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: iM StartCenter.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1108822299430
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://67.133.209.14...sCamControl.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalci...illama/ampx.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

#12 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 01 February 2006 - 08:30 AM

Log looks clean how is it running?
Posted Image
My Website
ATF Cleaner for removing temporary files
HijackThis download
Donations to this site

#13 penpourri

penpourri

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 02 February 2006 - 09:09 AM

The computer is still running very slow when opening new programs, right-clicking on files, making new folders, etc. When starting these tasks, it seems to be swapping to disk very heavily. I may need some kind of disk or process monitoring utility that can tell me what processes are swapping to disk all the time. Any suggestions?

#14 little eagle

little eagle

    spyware hawk

  • Visiting Fellow
  • PipPipPipPipPipPip
  • 8,968 posts
  • Interests:spyware

Posted 02 February 2006 - 09:54 AM

Click start > control panel > user accounts > change the way users log on or off > uncheck fast user switching > restart you computor.

Download, unzip and run 'RootkitRevealer' from Sysinternals:
http://www.sysintern...itRevealer.html
Once the program has started, press Scan and let it run.
When the scan is done, use 'File > Save' to place the logfile in a convenient location (such as the desktop). The default filename will be 'RootkitReveal.txt'.

Save your Log File
Copy/Paste the contecnts of that logfile into your next reply

NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !

That way you should have a much simpler and clearer log file in which to peruse and evaluate.
Posted Image
My Website
ATF Cleaner for removing temporary files
HijackThis download
Donations to this site

#15 penpourri

penpourri

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 03 February 2006 - 08:58 PM

OK, I ran RootKitReveal but I cannot get it to save a log file. Each time I try to have it save a log file, the computer runs so slow and the RootKitReveal program stops responding. The RootKit file that I tried to save has no contents. However, the scan did find a large number of discrepancies, over 92,000.

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·