
I think I got Cool Web Search spyware!


  • This topic is locked
29 replies to this topic

#1 tcuk13


Posted 30 April 2006 - 07:15 PM

I think I have Cool Web Search spyware on my machine. I have run Spybot, Adware, and CWShredder, and they seem to find it and say they are removing it, but it keeps coming back. It directs me to Google web search when I don't ask it to.

Here is a copy of my HijackThis log.

Any help is greatly appreciated.

Thanks
TC

Logfile of HijackThis v1.99.1
Scan saved at 11:56:01 PM, on 4/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LANDesk\Shared Files\residentagent.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\SQLLIB\bin\db2jds.exe
C:\Program Files\SQLLIB\bin\db2sec.exe
C:\PROGRA~1\NavNT\DefWatch.exe
C:\Program Files\LANDesk\LDClient\LocalSch.EXE
C:\WINDOWS\system32\cba\pds.exe
C:\Program Files\LANDesk\LDClient\tmcsvc.exe
C:\PROGRA~1\LANDesk\LDClient\issuser.exe
C:\Program Files\Symantec\Ghost\ngctw32.exe
C:\PROGRA~1\NavNT\Rtvscan.exe
C:\win32app\nsr\bin\nsrexecd.exe
C:\orant\bin\OWASTsvr.exe
C:\win32app\nsr\bin\portmap.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\LANDesk\LDClient\softmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\unzipped\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Advance Magazine Publishers,Inc.
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [LTAClientEnforcer] C:\Program Files\LANDesk\LDClient\LTAClientEnforcer.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IntelAPMClient] "C:\Program Files\LANDesk\LDClient\amclient.exe" /apm /s /ro
O4 - HKLM\..\Run: [LANDeskInventoryClient] "C:\Program Files\LANDesk\LDClient\LDIScn32.exe" /NTT=SAMGNYA17:5007 /S=SAMGNYA17 /I=HTTP://SAMGNYA17/ldlogon/ldappl3.ldz /NOUI
O4 - HKLM\..\Run: [SDClientMonitor] "C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Inventory Scan.LNK = C:\LDClient\LDISCN32.EXE
O4 - Startup: Ubisoft register.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_09) - http://samgdeba06/An...dows-i586-i.exe
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FBE37597-190E-4A06-978F-E39037999049} (Genesys Component Installer) - http://content101.mc...mcinstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\Software\..\Telephony: DomainName = advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{66EE9581-2B3E-47A7-A49A-B3DE304F90B7}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{67B3F441-ABC9-4615-A610-E82DB42FBA8F}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CF30E7-2637-4F13-84E4-60DAF674B951}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9B43A30-56A7-4C0F-9959-7C29C21A4A36}: NameServer = 85.255.116.163 85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{E37BA073-7C4B-401F-9CA8-57532D7C2CDD}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD8CC68D-AFE7-4D0D-8C33-A962E1507176}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LANDesk® Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\Shared Files\residentagent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DB2 - DB2 (DB2) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: DB2 Remote Command (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2rcmd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\NavNT\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\LocalSch.EXE
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: LANDesk Targeted Multicast (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\tmcsvc.exe
O23 - Service: LANDesk Remote Control Service (ISSUSER) - LANDesk Software, Ltd. - C:\PROGRA~1\LANDesk\LDClient\issuser.exe
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\NavNT\Rtvscan.exe
O23 - Service: NetWorker Backup and Recover Server (nsrd) - Unknown owner - C:\win32app\nsr\bin\nsrd (file missing)
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Unknown owner - C:\win32app\nsr\bin\nsrexecd (file missing)
O23 - Service: OracleAgent80 - oracle - C:\orant\agentbin\DBSNMP.EXE
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: OracleCMAdminService80 - Unknown owner - C:\orant\BIN\CMADM80.EXE
O23 - Service: OracleCManService80 - Unknown owner - C:\orant\BIN\CMGW80.EXE
O23 - Service: OracleConTextService80 - Oracle Corporation - C:\orant\BIN\CTXSVC80.EXE
O23 - Service: OracleDataGatherer - Unknown owner - C:\orant\bin\vppdc.exe
O23 - Service: OracleExtprocAgent - Unknown owner - C:\orant\BIN\EXTPROCT.EXE
O23 - Service: OracleNamesService80 - Unknown owner - C:\orant\BIN\NAMES80.EXE
O23 - Service: OraclePGMSService - Unknown owner - C:\orant\BIN\PGMS.EXE
O23 - Service: OracleServiceORC0 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC1 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC2 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC3 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleStartORC0 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC1 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC2 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC3 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORCL - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\orant\BIN\TNSLSNR80.EXE
O23 - Service: OracleWebAssistant - Oracle Corporation - C:\orant\bin\OWASTsvr.exe
O23 - Service: Storage Management Portmapper (portmap) - Unknown owner - C:\win32app\nsr\bin\portmap (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: LANDesk® Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\softmon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe



#2 tcuk13


Posted 30 April 2006 - 09:58 PM

I apologize, I didn't follow the proper procedures. I am adding an ewido, rapport and HijackThis log. Please let me know if you need anything else.
Thanks

SmitFraudFix v2.37

Scan done at 23:48:28.77, Sun 04/30/2006
Run from C:\Documents and Settings\TCox.ADVANCEMAGS\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» End




---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:47:01 PM, 4/30/2006
+ Report-Checksum: DDC992F6

+ Scan result:

:mozilla.44:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.45:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.101:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.102:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.103:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.104:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.125:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.126:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.127:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.128:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.129:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.147:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.149:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.150:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.151:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.152:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.153:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.154:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.155:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.156:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.157:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.158:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.159:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.160:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.161:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.164:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.165:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.166:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.167:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.177:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.186:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.187:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.188:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.189:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.190:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.191:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.192:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.193:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.194:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.195:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.196:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.197:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.198:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.222:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.228:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.229:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.230:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.231:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.232:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.236:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.237:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.238:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.239:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.246:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.250:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.251:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.252:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Gator : Cleaned with backup
:mozilla.253:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.254:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.255:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.259:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.268:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.269:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.272:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.277:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.279:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.282:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.283:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.284:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.285:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.287:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.291:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.293:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.294:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.295:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.296:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.297:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.301:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.302:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.303:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.304:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.305:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.307:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.309:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.310:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.311:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.312:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.313:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.314:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.316:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.317:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.318:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.319:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.320:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.321:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.343:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.344:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.345:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.346:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.347:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.353:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.383:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.389:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.390:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.391:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.392:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.393:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.399:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.406:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.407:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.408:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.413:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.415:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.419:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.420:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.421:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.422:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.423:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.424:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.425:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.426:C:\Documents and Settings\TCox\Application Data\Mozilla\Firefox\Profiles\mynrzliv.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Earthlink\6.0\tc_uk_13@earthlink.net\Cookies\tcox@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.29:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.30:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.31:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.32:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\WINDOWS\system32\dmqld.exe -> Trojan.Pakes : Cleaned with backup


::Report End


Logfile of HijackThis v1.99.1
Scan saved at 11:54:12 PM, on 4/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LANDesk\Shared Files\residentagent.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\SQLLIB\bin\db2jds.exe
C:\Program Files\SQLLIB\bin\db2sec.exe
C:\PROGRA~1\NavNT\DefWatch.exe
C:\Program Files\LANDesk\LDClient\LocalSch.EXE
C:\WINDOWS\system32\cba\pds.exe
C:\Program Files\LANDesk\LDClient\tmcsvc.exe
C:\PROGRA~1\LANDesk\LDClient\issuser.exe
C:\Program Files\Symantec\Ghost\ngctw32.exe
C:\PROGRA~1\NavNT\Rtvscan.exe
C:\win32app\nsr\bin\nsrexecd.exe
C:\orant\bin\OWASTsvr.exe
C:\win32app\nsr\bin\portmap.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\LANDesk\LDClient\softmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\Program Files\SpywareBlaster\spywareblaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Advance Magazine Publishers,Inc.
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [LTAClientEnforcer] C:\Program Files\LANDesk\LDClient\LTAClientEnforcer.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IntelAPMClient] "C:\Program Files\LANDesk\LDClient\amclient.exe" /apm /s /ro
O4 - HKLM\..\Run: [LANDeskInventoryClient] "C:\Program Files\LANDesk\LDClient\LDIScn32.exe" /NTT=SAMGNYA17:5007 /S=SAMGNYA17 /I=HTTP://SAMGNYA17/ldlogon/ldappl3.ldz /NOUI
O4 - HKLM\..\Run: [SDClientMonitor] "C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Inventory Scan.LNK = C:\LDClient\LDISCN32.EXE
O4 - Startup: Ubisoft register.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_09) - http://samgdeba06/An...dows-i586-i.exe
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FBE37597-190E-4A06-978F-E39037999049} (Genesys Component Installer) - http://content101.mc...mcinstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\Software\..\Telephony: DomainName = advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{66EE9581-2B3E-47A7-A49A-B3DE304F90B7}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{67B3F441-ABC9-4615-A610-E82DB42FBA8F}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CF30E7-2637-4F13-84E4-60DAF674B951}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9B43A30-56A7-4C0F-9959-7C29C21A4A36}: NameServer = 85.255.116.163 85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{E37BA073-7C4B-401F-9CA8-57532D7C2CDD}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD8CC68D-AFE7-4D0D-8C33-A962E1507176}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LANDesk® Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\Shared Files\residentagent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DB2 - DB2 (DB2) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: DB2 Remote Command (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2rcmd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\NavNT\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\LocalSch.EXE
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: LANDesk Targeted Multicast (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\tmcsvc.exe
O23 - Service: LANDesk Remote Control Service (ISSUSER) - LANDesk Software, Ltd. - C:\PROGRA~1\LANDesk\LDClient\issuser.exe
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\NavNT\Rtvscan.exe
O23 - Service: NetWorker Backup and Recover Server (nsrd) - Unknown owner - C:\win32app\nsr\bin\nsrd (file missing)
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Unknown owner - C:\win32app\nsr\bin\nsrexecd (file missing)
O23 - Service: OracleAgent80 - oracle - C:\orant\agentbin\DBSNMP.EXE
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: OracleCMAdminService80 - Unknown owner - C:\orant\BIN\CMADM80.EXE
O23 - Service: OracleCManService80 - Unknown owner - C:\orant\BIN\CMGW80.EXE
O23 - Service: OracleConTextService80 - Oracle Corporation - C:\orant\BIN\CTXSVC80.EXE
O23 - Service: OracleDataGatherer - Unknown owner - C:\orant\bin\vppdc.exe
O23 - Service: OracleExtprocAgent - Unknown owner - C:\orant\BIN\EXTPROCT.EXE
O23 - Service: OracleNamesService80 - Unknown owner - C:\orant\BIN\NAMES80.EXE
O23 - Service: OraclePGMSService - Unknown owner - C:\orant\BIN\PGMS.EXE
O23 - Service: OracleServiceORC0 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC1 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC2 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC3 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleStartORC0 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC1 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC2 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC3 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORCL - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\orant\BIN\TNSLSNR80.EXE
O23 - Service: OracleWebAssistant - Oracle Corporation - C:\orant\bin\OWASTsvr.exe
O23 - Service: Storage Management Portmapper (portmap) - Unknown owner - C:\win32app\nsr\bin\portmap (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: LANDesk® Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\softmon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#3 Siggyx

Posted 30 April 2006 - 10:04 PM

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download FixWareout from one of these sites:
http://downloads.sub.../Fixwareout.exe
http://swandog46.gee.../Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, then make sure "Run fixit" is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

NEXT


Step #1

Please download and run Spybot 1.4 & AdAware SE. Then follow the instructions in the link below to run them.

Spybot & Adaware Tutorial

Step #2

Then do a virus scan here >>> Trend Micro


Reboot and post a new HiJackThis log.

#4 tcuk13

Posted 01 May 2006 - 11:38 AM

Ok, thanks for the quick response. I have done all of the steps that you asked and here is my new hijackthis log.

Again, thanks for the help.


Logfile of HijackThis v1.99.1
Scan saved at 1:37:06 PM, on 5/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LANDesk\Shared Files\residentagent.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\SQLLIB\bin\db2jds.exe
C:\Program Files\SQLLIB\bin\db2sec.exe
C:\PROGRA~1\NavNT\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\LANDesk\LDClient\LocalSch.EXE
C:\WINDOWS\system32\cba\pds.exe
C:\Program Files\LANDesk\LDClient\tmcsvc.exe
C:\PROGRA~1\LANDesk\LDClient\issuser.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Symantec\Ghost\ngctw32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NavNT\Rtvscan.exe
C:\win32app\nsr\bin\nsrexecd.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe
C:\orant\bin\OWASTsvr.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\win32app\nsr\bin\portmap.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\LANDesk\LDClient\softmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Advance Magazine Publishers,Inc.
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [LTAClientEnforcer] C:\Program Files\LANDesk\LDClient\LTAClientEnforcer.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IntelAPMClient] "C:\Program Files\LANDesk\LDClient\amclient.exe" /apm /s /ro
O4 - HKLM\..\Run: [LANDeskInventoryClient] "C:\Program Files\LANDesk\LDClient\LDIScn32.exe" /NTT=SAMGNYA17:5007 /S=SAMGNYA17 /I=HTTP://SAMGNYA17/ldlogon/ldappl3.ldz /NOUI
O4 - HKLM\..\Run: [SDClientMonitor] "C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Inventory Scan.LNK = C:\LDClient\LDISCN32.EXE
O4 - Startup: Ubisoft register.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_09) - http://samgdeba06/An...dows-i586-i.exe
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FBE37597-190E-4A06-978F-E39037999049} (Genesys Component Installer) - http://content101.mc...mcinstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\Software\..\Telephony: DomainName = advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{66EE9581-2B3E-47A7-A49A-B3DE304F90B7}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{67B3F441-ABC9-4615-A610-E82DB42FBA8F}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CF30E7-2637-4F13-84E4-60DAF674B951}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{E37BA073-7C4B-401F-9CA8-57532D7C2CDD}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD8CC68D-AFE7-4D0D-8C33-A962E1507176}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LANDesk® Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\Shared Files\residentagent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DB2 - DB2 (DB2) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: DB2 Remote Command (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2rcmd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\NavNT\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\LocalSch.EXE
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: LANDesk Targeted Multicast (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\tmcsvc.exe
O23 - Service: LANDesk Remote Control Service (ISSUSER) - LANDesk Software, Ltd. - C:\PROGRA~1\LANDesk\LDClient\issuser.exe
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\NavNT\Rtvscan.exe
O23 - Service: NetWorker Backup and Recover Server (nsrd) - Unknown owner - C:\win32app\nsr\bin\nsrd (file missing)
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Unknown owner - C:\win32app\nsr\bin\nsrexecd (file missing)
O23 - Service: OracleAgent80 - oracle - C:\orant\agentbin\DBSNMP.EXE
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: OracleCMAdminService80 - Unknown owner - C:\orant\BIN\CMADM80.EXE
O23 - Service: OracleCManService80 - Unknown owner - C:\orant\BIN\CMGW80.EXE
O23 - Service: OracleConTextService80 - Oracle Corporation - C:\orant\BIN\CTXSVC80.EXE
O23 - Service: OracleDataGatherer - Unknown owner - C:\orant\bin\vppdc.exe
O23 - Service: OracleExtprocAgent - Unknown owner - C:\orant\BIN\EXTPROCT.EXE
O23 - Service: OracleNamesService80 - Unknown owner - C:\orant\BIN\NAMES80.EXE
O23 - Service: OraclePGMSService - Unknown owner - C:\orant\BIN\PGMS.EXE
O23 - Service: OracleServiceORC0 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC1 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC2 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC3 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleStartORC0 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC1 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC2 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC3 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORCL - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\orant\BIN\TNSLSNR80.EXE
O23 - Service: OracleWebAssistant - Oracle Corporation - C:\orant\bin\OWASTsvr.exe
O23 - Service: Storage Management Portmapper (portmap) - Unknown owner - C:\win32app\nsr\bin\portmap (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: LANDesk® Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\softmon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#5 Siggyx

Posted 01 May 2006 - 08:36 PM

Scan with HijackThis, put a check beside these lines, and choose FIX:


O17 - HKLM\System\CCS\Services\Tcpip\..\{66EE9581-2B3E-47A7-A49A-B3DE304F90B7}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{67B3F441-ABC9-4615-A610-E82DB42FBA8F}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CF30E7-2637-4F13-84E4-60DAF674B951}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{E37BA073-7C4B-401F-9CA8-57532D7C2CDD}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD8CC68D-AFE7-4D0D-8C33-A962E1507176}: NameServer = 85.255.116.163,85.255.112.102


O23 - Service: NetWorker Backup and Recover Server (nsrd) - Unknown owner - C:\win32app\nsr\bin\nsrd (file missing)
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Unknown owner - C:\win32app\nsr\bin\nsrexecd (file missing)

NEXT

Download the trial version of TrojanHunter from the link below. Update it, scan your system, and allow it to clean what it finds.

http://www.trojanhunter.com/

Let me know if it finds something it cannot remove.

Reboot and post a new HijackThis log also, please.
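
The check behind the O17 lines selected in the post above, as an added example that is not part of the original thread: it parses HijackThis O17 entries, lists per-interface NameServer values that are not on an expected-resolver list, and confirms from a follow-up log whether they are gone. The function names and the expected resolver 192.0.2.53 are assumptions; the log lines are copied from the thread except where marked constructed.

```python
import re
from ipaddress import ip_address

# "O17 - <registry key>: <value name> = <value>"
O17_LINE = re.compile(r"^O17 - (?P<key>.+?): (?P<name>\w+) = (?P<value>.*)$")

# Assumption: the resolver the network administrator actually hands out.
# 192.0.2.53 is a documentation address, not a value from the thread.
EXPECTED = {"192.0.2.53"}

# O17 lines as posted in the thread, plus one constructed line (marked).
BEFORE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{66EE9581-2B3E-47A7-A49A-B3DE304F90B7}: NameServer = 85.255.116.163,85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9B43A30-56A7-4C0F-9959-7C29C21A4A36}: NameServer = 85.255.116.163 85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.0.2.53
"""
# The last line above is constructed, to show an entry that passes the check.

# Constructed follow-up log: one flagged interface was not fixed.
AFTER_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9B43A30-56A7-4C0F-9959-7C29C21A4A36}: NameServer = 85.255.116.163 85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.0.2.53
"""


def parse_o17(log_text):
    """Return (registry key, value name, value) for every O17 line."""
    entries = []
    for line in log_text.splitlines():
        m = O17_LINE.match(line.strip())
        if m:
            entries.append((m["key"], m["name"], m["value"].strip()))
    return entries


def nameservers(log_text):
    """Map each registry key to the list of IPs in its NameServer value.

    HijackThis shows the registry string as stored, so the addresses may be
    separated by commas or by spaces; both forms appear in this thread.
    """
    result = {}
    for key, name, value in parse_o17(log_text):
        if name != "NameServer":
            continue
        addrs = []
        for token in re.split(r"[,\s]+", value):
            try:
                addrs.append(str(ip_address(token)))
            except ValueError:
                continue  # empty token or not an IP literal
        result[key] = addrs
    return result


def unexpected_resolvers(log_text, expected):
    """Return {registry key: [IPs not in the expected set]}."""
    flagged = {}
    for key, addrs in nameservers(log_text).items():
        odd = [a for a in addrs if a not in expected]
        if odd:
            flagged[key] = odd
    return flagged


def still_present(before_log, after_log, expected):
    """Keys flagged in the first log that are still flagged in the follow-up."""
    before = unexpected_resolvers(before_log, expected)
    after = unexpected_resolvers(after_log, expected)
    return sorted(k for k in before if k in after)


if __name__ == "__main__":
    for key, addrs in unexpected_resolvers(BEFORE_LOG, EXPECTED).items():
        print("review:", key, addrs)
    for key in still_present(BEFORE_LOG, AFTER_LOG, EXPECTED):
        print("not fixed:", key)
```
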

#6 tcuk13

Posted 01 May 2006 - 10:12 PM

Thanks so much for the help! I did what you said to and here is a new hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 12:08:38 AM, on 5/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LANDesk\Shared Files\residentagent.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\SQLLIB\bin\db2jds.exe
C:\Program Files\SQLLIB\bin\db2sec.exe
C:\PROGRA~1\NavNT\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\LANDesk\LDClient\LocalSch.EXE
C:\WINDOWS\system32\cba\pds.exe
C:\Program Files\LANDesk\LDClient\tmcsvc.exe
C:\PROGRA~1\LANDesk\LDClient\issuser.exe
C:\Program Files\Symantec\Ghost\ngctw32.exe
C:\Program Files\LANDesk\Shared Files\rainstall.exe
C:\PROGRA~1\NavNT\Rtvscan.exe
C:\win32app\nsr\bin\nsrexecd.exe
c:\orant\bin\oracle80.exe
c:\orant\bin\oracle80.exe
c:\orant\bin\oracle80.exe
c:\orant\bin\oracle80.exe
c:\orant\bin\oracle80.exe
C:\orant\bin\OWASTsvr.exe
C:\win32app\nsr\bin\portmap.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\LANDesk\LDClient\softmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\LANDesk\LDClient\LTAClientEnforcer.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\LANDesk\LDClient\LDIScn32.exe
C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\unzipped\hijackthis\HijackThis.exe
C:\WINDOWS\system32\userinit.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Advance Magazine Publishers,Inc.
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [LTAClientEnforcer] C:\Program Files\LANDesk\LDClient\LTAClientEnforcer.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IntelAPMClient] "C:\Program Files\LANDesk\LDClient\amclient.exe" /apm /s /ro
O4 - HKLM\..\Run: [LANDeskInventoryClient] "C:\Program Files\LANDesk\LDClient\LDIScn32.exe" /NTT=SAMGNYA17:5007 /S=SAMGNYA17 /I=HTTP://SAMGNYA17/ldlogon/ldappl3.ldz /NOUI
O4 - HKLM\..\Run: [SDClientMonitor] "C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Inventory Scan.LNK = C:\LDClient\LDISCN32.EXE
O4 - Startup: Ubisoft register.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_09) - http://samgdeba06/An...dows-i586-i.exe
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FBE37597-190E-4A06-978F-E39037999049} (Genesys Component Installer) - http://content101.mc...mcinstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\Software\..\Telephony: DomainName = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LANDesk® Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\Shared Files\residentagent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DB2 - DB2 (DB2) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: DB2 Remote Command (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2rcmd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\NavNT\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\LocalSch.EXE
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: LANDesk Targeted Multicast (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\tmcsvc.exe
O23 - Service: LANDesk Remote Control Service (ISSUSER) - LANDesk Software, Ltd. - C:\PROGRA~1\LANDesk\LDClient\issuser.exe
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\NavNT\Rtvscan.exe
O23 - Service: NetWorker Backup and Recover Server (nsrd) - Unknown owner - C:\win32app\nsr\bin\nsrd (file missing)
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Unknown owner - C:\win32app\nsr\bin\nsrexecd (file missing)
O23 - Service: OracleAgent80 - oracle - C:\orant\agentbin\DBSNMP.EXE
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: OracleCMAdminService80 - Unknown owner - C:\orant\BIN\CMADM80.EXE
O23 - Service: OracleCManService80 - Unknown owner - C:\orant\BIN\CMGW80.EXE
O23 - Service: OracleConTextService80 - Oracle Corporation - C:\orant\BIN\CTXSVC80.EXE
O23 - Service: OracleDataGatherer - Unknown owner - C:\orant\bin\vppdc.exe
O23 - Service: OracleExtprocAgent - Unknown owner - C:\orant\BIN\EXTPROCT.EXE
O23 - Service: OracleNamesService80 - Unknown owner - C:\orant\BIN\NAMES80.EXE
O23 - Service: OraclePGMSService - Unknown owner - C:\orant\BIN\PGMS.EXE
O23 - Service: OracleServiceORC0 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC1 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC2 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC3 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleStartORC0 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC1 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC2 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC3 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORCL - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\orant\BIN\TNSLSNR80.EXE
O23 - Service: OracleWebAssistant - Oracle Corporation - C:\orant\bin\OWASTsvr.exe
O23 - Service: Storage Management Portmapper (portmap) - Unknown owner - C:\win32app\nsr\bin\portmap (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: LANDesk® Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\softmon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#7 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • 6,776 posts

Posted 02 May 2006 - 02:29 PM

Looks OK. How is it running?

#8 tcuk13

tcuk13

    New Member

  • Authentic Member
  • 16 posts

Posted 02 May 2006 - 06:15 PM

Have been reluctant to try internet since this started. I will try again to use it tonight and let you know. Thank you very much for all your help, I appreciate it immensely! TC

#9 tcuk13

tcuk13

    New Member

  • Authentic Member
  • 16 posts

Posted 02 May 2006 - 08:15 PM

I spoke too soon, it is still there. Should I post another HijackThis log?

#10 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • 6,776 posts

Posted 02 May 2006 - 08:19 PM

Yes please.


#11 tcuk13

tcuk13

    New Member

  • Authentic Member
  • 16 posts

Posted 02 May 2006 - 08:33 PM

It won't even let me connect now, it gives me the page not found error. It started out fine and then about the 5th thing it started again.

Logfile of HijackThis v1.99.1
Scan saved at 10:30:48 PM, on 5/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LANDesk\Shared Files\residentagent.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\SQLLIB\bin\db2jds.exe
C:\Program Files\SQLLIB\bin\db2sec.exe
C:\PROGRA~1\NavNT\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\LANDesk\LDClient\LocalSch.EXE
C:\WINDOWS\system32\cba\pds.exe
C:\Program Files\LANDesk\LDClient\tmcsvc.exe
C:\PROGRA~1\LANDesk\LDClient\issuser.exe
C:\Program Files\Symantec\Ghost\ngctw32.exe
C:\PROGRA~1\NavNT\Rtvscan.exe
C:\win32app\nsr\bin\nsrexecd.exe
C:\orant\bin\OWASTsvr.exe
C:\win32app\nsr\bin\portmap.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\LANDesk\LDClient\softmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SpywareBlaster\spywareblaster.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Advance Magazine Publishers,Inc.
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [LTAClientEnforcer] C:\Program Files\LANDesk\LDClient\LTAClientEnforcer.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IntelAPMClient] "C:\Program Files\LANDesk\LDClient\amclient.exe" /apm /s /ro
O4 - HKLM\..\Run: [LANDeskInventoryClient] "C:\Program Files\LANDesk\LDClient\LDIScn32.exe" /NTT=SAMGNYA17:5007 /S=SAMGNYA17 /I=HTTP://SAMGNYA17/ldlogon/ldappl3.ldz /NOUI
O4 - HKLM\..\Run: [SDClientMonitor] "C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Inventory Scan.LNK = C:\LDClient\LDISCN32.EXE
O4 - Startup: Ubisoft register.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_09) - http://samgdeba06/An...dows-i586-i.exe
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FBE37597-190E-4A06-978F-E39037999049} (Genesys Component Installer) - http://content101.mc...mcinstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\Software\..\Telephony: DomainName = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LANDesk® Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\Shared Files\residentagent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DB2 - DB2 (DB2) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: DB2 Remote Command (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2rcmd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\NavNT\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\LocalSch.EXE
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: LANDesk Targeted Multicast (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\tmcsvc.exe
O23 - Service: LANDesk Remote Control Service (ISSUSER) - LANDesk Software, Ltd. - C:\PROGRA~1\LANDesk\LDClient\issuser.exe
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\NavNT\Rtvscan.exe
O23 - Service: NetWorker Backup and Recover Server (nsrd) - Unknown owner - C:\win32app\nsr\bin\nsrd (file missing)
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Unknown owner - C:\win32app\nsr\bin\nsrexecd (file missing)
O23 - Service: OracleAgent80 - oracle - C:\orant\agentbin\DBSNMP.EXE
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: OracleCMAdminService80 - Unknown owner - C:\orant\BIN\CMADM80.EXE
O23 - Service: OracleCManService80 - Unknown owner - C:\orant\BIN\CMGW80.EXE
O23 - Service: OracleConTextService80 - Oracle Corporation - C:\orant\BIN\CTXSVC80.EXE
O23 - Service: OracleDataGatherer - Unknown owner - C:\orant\bin\vppdc.exe
O23 - Service: OracleExtprocAgent - Unknown owner - C:\orant\BIN\EXTPROCT.EXE
O23 - Service: OracleNamesService80 - Unknown owner - C:\orant\BIN\NAMES80.EXE
O23 - Service: OraclePGMSService - Unknown owner - C:\orant\BIN\PGMS.EXE
O23 - Service: OracleServiceORC0 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC1 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC2 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC3 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleStartORC0 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC1 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC2 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC3 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORCL - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\orant\BIN\TNSLSNR80.EXE
O23 - Service: OracleWebAssistant - Oracle Corporation - C:\orant\bin\OWASTsvr.exe
O23 - Service: Storage Management Portmapper (portmap) - Unknown owner - C:\win32app\nsr\bin\portmap (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: LANDesk® Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\softmon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#12 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • 6,776 posts

Posted 02 May 2006 - 08:48 PM

Can you please run the wareout fix again and post the log it produces?

#13 tcuk13

tcuk13

    New Member

  • Authentic Member
  • 16 posts

Posted 02 May 2006 - 08:57 PM

Here is the wareout log and a new HijackThis log.


Fixwareout ver 1.003
Last edited 04/26/2006
Post this report in the forums please

Reg Entries that were deleted
...

Microsoft ® Windows Script Host Version 5.6
Random Runs removed from HKLM
...

PLEASE NOTE, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Example ipsec6.exe is lagitamate

»»»»» Search by size and names...

»»»»» Misc files

»»»»» Checking for older varients covered by the Rem3 tool

»»»»»
Search five digit cs, dm and jb files
This WILL/CAN also list Legit Files, Submit them at Virustotal


Logfile of HijackThis v1.99.1
Scan saved at 10:55:29 PM, on 5/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LANDesk\Shared Files\residentagent.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\SQLLIB\bin\db2jds.exe
C:\Program Files\SQLLIB\bin\db2sec.exe
C:\PROGRA~1\NavNT\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\LANDesk\LDClient\LocalSch.EXE
C:\WINDOWS\system32\cba\pds.exe
C:\Program Files\LANDesk\LDClient\tmcsvc.exe
C:\PROGRA~1\LANDesk\LDClient\issuser.exe
C:\Program Files\Symantec\Ghost\ngctw32.exe
C:\PROGRA~1\NavNT\Rtvscan.exe
C:\win32app\nsr\bin\nsrexecd.exe
C:\orant\bin\OWASTsvr.exe
C:\win32app\nsr\bin\portmap.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\LANDesk\LDClient\softmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Advance Magazine Publishers,Inc.
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [LTAClientEnforcer] C:\Program Files\LANDesk\LDClient\LTAClientEnforcer.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IntelAPMClient] "C:\Program Files\LANDesk\LDClient\amclient.exe" /apm /s /ro
O4 - HKLM\..\Run: [LANDeskInventoryClient] "C:\Program Files\LANDesk\LDClient\LDIScn32.exe" /NTT=SAMGNYA17:5007 /S=SAMGNYA17 /I=HTTP://SAMGNYA17/ldlogon/ldappl3.ldz /NOUI
O4 - HKLM\..\Run: [SDClientMonitor] "C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Inventory Scan.LNK = C:\LDClient\LDISCN32.EXE
O4 - Startup: Ubisoft register.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_09) - http://samgdeba06/An...dows-i586-i.exe
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FBE37597-190E-4A06-978F-E39037999049} (Genesys Component Installer) - http://content101.mc...mcinstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\Software\..\Telephony: DomainName = advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9B43A30-56A7-4C0F-9959-7C29C21A4A36}: NameServer = 85.255.116.163 85.255.112.102
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LANDesk® Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\Shared Files\residentagent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DB2 - DB2 (DB2) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: DB2 Remote Command (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2rcmd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\NavNT\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\LocalSch.EXE
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: LANDesk Targeted Multicast (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\tmcsvc.exe
O23 - Service: LANDesk Remote Control Service (ISSUSER) - LANDesk Software, Ltd. - C:\PROGRA~1\LANDesk\LDClient\issuser.exe
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\NavNT\Rtvscan.exe
O23 - Service: NetWorker Backup and Recover Server (nsrd) - Unknown owner - C:\win32app\nsr\bin\nsrd (file missing)
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Unknown owner - C:\win32app\nsr\bin\nsrexecd (file missing)
O23 - Service: OracleAgent80 - oracle - C:\orant\agentbin\DBSNMP.EXE
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: OracleCMAdminService80 - Unknown owner - C:\orant\BIN\CMADM80.EXE
O23 - Service: OracleCManService80 - Unknown owner - C:\orant\BIN\CMGW80.EXE
O23 - Service: OracleConTextService80 - Oracle Corporation - C:\orant\BIN\CTXSVC80.EXE
O23 - Service: OracleDataGatherer - Unknown owner - C:\orant\bin\vppdc.exe
O23 - Service: OracleExtprocAgent - Unknown owner - C:\orant\BIN\EXTPROCT.EXE
O23 - Service: OracleNamesService80 - Unknown owner - C:\orant\BIN\NAMES80.EXE
O23 - Service: OraclePGMSService - Unknown owner - C:\orant\BIN\PGMS.EXE
O23 - Service: OracleServiceORC0 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC1 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC2 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC3 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleStartORC0 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC1 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC2 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC3 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORCL - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\orant\BIN\TNSLSNR80.EXE
O23 - Service: OracleWebAssistant - Oracle Corporation - C:\orant\bin\OWASTsvr.exe
O23 - Service: Storage Management Portmapper (portmap) - Unknown owner - C:\win32app\nsr\bin\portmap (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: LANDesk® Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\softmon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#14 Siggyx

Posted 02 May 2006 - 09:04 PM

OK, scan with HijackThis, put a check beside this line and choose FIX:

O17 - HKLM\System\CCS\Services\Tcpip\..\{D9B43A30-56A7-4C0F-9959-7C29C21A4A36}: NameServer = 85.255.116.163 85.255.112.102

Then run an ewido scan again and post the log and a new HijackThis log, please.
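An added example, not part of the post above and not HijackThis's own code: a Python check that pulls the O17 entries out of a HijackThis log and reports NameServer addresses that are neither private nor on a trusted list, which is the kind of entry post #14 asks to fix. The function names, the trusted-list parameter and the private-address heuristic are assumptions made for this example; the sample lines are copied from this thread.

```python
import ipaddress
import re

# O17 lines have the form "O17 - <registry key>: <value name> = <data>".
O17_RE = re.compile(r"^O17 - (?P<key>.+?): (?P<name>\w+) = (?P<data>.*)$")

# Sample input: the NameServer line quoted in post #14 plus two O17 lines
# from the follow-up log in post #15.
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9B43A30-56A7-4C0F-9959-7C29C21A4A36}: NameServer = 85.255.116.163 85.255.112.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
"""


def parse_o17(log_text):
    """Return a dict (key, name, data) for every O17 line in the log."""
    entries = []
    for line in log_text.splitlines():
        match = O17_RE.match(line.strip())
        if match:
            entries.append(match.groupdict())
    return entries


def suspicious_nameservers(log_text, trusted=()):
    """List (registry key, address, reason) for NameServer values to review.

    Assumption for this example: private (RFC 1918 style) resolvers and any
    network named in `trusted` are expected; everything else is reported.
    """
    trusted_nets = [ipaddress.ip_network(net) for net in trusted]
    findings = []
    for entry in parse_o17(log_text):
        if entry["name"].lower() != "nameserver":
            continue  # Domain / SearchList entries are not resolver addresses
        # The value may hold several servers separated by spaces or commas.
        for token in re.split(r"[,\s]+", entry["data"].strip()):
            if not token:
                continue
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                findings.append((entry["key"], token, "not an IP address"))
                continue
            if addr.is_private or any(addr in net for net in trusted_nets):
                continue
            findings.append((entry["key"], token, "public resolver not in trusted list"))
    return findings


if __name__ == "__main__":
    for key, address, reason in suspicious_nameservers(SAMPLE_LOG):
        print(f"{address}: {reason} ({key})")
```

Run against the follow-up log in post #15, which no longer contains a NameServer entry, the check returns an empty list.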

#15 tcuk13

Posted 02 May 2006 - 09:38 PM

Here are the ewido and HijackThis logs.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:35:36 PM, 5/2/2006
+ Report-Checksum: 217F5ABE

+ Scan result:

:mozilla.80:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.81:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.84:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.85:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.96:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.99:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
:mozilla.100:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.101:C:\Documents and Settings\TCox.ADVANCEMAGS\Application Data\Mozilla\Firefox\Profiles\1auhh1q1.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup


::Report End




Logfile of HijackThis v1.99.1
Scan saved at 11:37:00 PM, on 5/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LANDesk\Shared Files\residentagent.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\SQLLIB\bin\db2jds.exe
C:\Program Files\SQLLIB\bin\db2sec.exe
C:\PROGRA~1\NavNT\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\LANDesk\LDClient\LocalSch.EXE
C:\WINDOWS\system32\cba\pds.exe
C:\Program Files\LANDesk\LDClient\tmcsvc.exe
C:\PROGRA~1\LANDesk\LDClient\issuser.exe
C:\Program Files\Symantec\Ghost\ngctw32.exe
C:\PROGRA~1\NavNT\Rtvscan.exe
C:\win32app\nsr\bin\nsrexecd.exe
C:\orant\bin\OWASTsvr.exe
C:\win32app\nsr\bin\portmap.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\LANDesk\LDClient\softmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\Program Files\ewido anti-malware\SecuritySuite.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Advance Magazine Publishers,Inc.
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [LTAClientEnforcer] C:\Program Files\LANDesk\LDClient\LTAClientEnforcer.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IntelAPMClient] "C:\Program Files\LANDesk\LDClient\amclient.exe" /apm /s /ro
O4 - HKLM\..\Run: [LANDeskInventoryClient] "C:\Program Files\LANDesk\LDClient\LDIScn32.exe" /NTT=SAMGNYA17:5007 /S=SAMGNYA17 /I=HTTP://SAMGNYA17/ldlogon/ldappl3.ldz /NOUI
O4 - HKLM\..\Run: [SDClientMonitor] "C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Inventory Scan.LNK = C:\LDClient\LDISCN32.EXE
O4 - Startup: Ubisoft register.lnk = ?
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_09) - http://samgdeba06/An...dows-i586-i.exe
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/...outLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FBE37597-190E-4A06-978F-E39037999049} (Genesys Component Installer) - http://content101.mc...mcinstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\Software\..\Telephony: DomainName = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = advancemags.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = condenast.com,advancemags.com
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LANDesk® Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\Shared Files\residentagent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DB2 - DB2 (DB2) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 JDBC Applet Server - Control Center (DB2ControlCenterServer) - Unknown owner - C:\Program Files\SQLLIB\bin\db2ccs.exe
O23 - Service: DB2 - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\PROGRA~1\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: DB2 Remote Command (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\SQLLIB\bin\db2rcmd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\NavNT\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\LocalSch.EXE
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: LANDesk Targeted Multicast (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\tmcsvc.exe
O23 - Service: LANDesk Remote Control Service (ISSUSER) - LANDesk Software, Ltd. - C:\PROGRA~1\LANDesk\LDClient\issuser.exe
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\NavNT\Rtvscan.exe
O23 - Service: NetWorker Backup and Recover Server (nsrd) - Unknown owner - C:\win32app\nsr\bin\nsrd (file missing)
O23 - Service: NetWorker Remote Exec Service (nsrexecd) - Unknown owner - C:\win32app\nsr\bin\nsrexecd (file missing)
O23 - Service: OracleAgent80 - oracle - C:\orant\agentbin\DBSNMP.EXE
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: OracleCMAdminService80 - Unknown owner - C:\orant\BIN\CMADM80.EXE
O23 - Service: OracleCManService80 - Unknown owner - C:\orant\BIN\CMGW80.EXE
O23 - Service: OracleConTextService80 - Oracle Corporation - C:\orant\BIN\CTXSVC80.EXE
O23 - Service: OracleDataGatherer - Unknown owner - C:\orant\bin\vppdc.exe
O23 - Service: OracleExtprocAgent - Unknown owner - C:\orant\BIN\EXTPROCT.EXE
O23 - Service: OracleNamesService80 - Unknown owner - C:\orant\BIN\NAMES80.EXE
O23 - Service: OraclePGMSService - Unknown owner - C:\orant\BIN\PGMS.EXE
O23 - Service: OracleServiceORC0 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC1 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC2 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORC3 - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle80.exe
O23 - Service: OracleStartORC0 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC1 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC2 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORC3 - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleStartORCL - Unknown owner - C:\orant\BIN\strtdb80.exe
O23 - Service: OracleTNSListener80 - Unknown owner - C:\orant\BIN\TNSLSNR80.EXE
O23 - Service: OracleWebAssistant - Oracle Corporation - C:\orant\bin\OWASTsvr.exe
O23 - Service: Storage Management Portmapper (portmap) - Unknown owner - C:\win32app\nsr\bin\portmap (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: LANDesk® Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\softmon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
