WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93112 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Windows Hijacked

Started by G35 , Apr 05 2007 05:09 PM

This topic is locked

11 replies to this topic

#1 G35

New Member

New Member
5 posts

Posted 05 April 2007 - 05:09 PM

Major problems with pop-ups the system running slow and sometimes I get a message that windows is already running like there is a second operating system working. I have run Spy bot search and destroy and CWshredder. I also have this lime wire bug that pops up on startup. I ran the Hijackthis program hoping I can still save my system. Thanks for your help in advance. G35 Here is the file.Logfile of HijackThis v1.99.1
Scan saved at 4:12:22 PM, on 4/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\MMKeybd.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\winupdates\winupdates.exe
C:\Program Files\outlook\outlook.exe
C:\WINDOWS\system32\tbctray.exe
C:\Program Files\Common Files\{18188459-05CB-1033-0802-010402010001}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\WgaTray.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Netropa\OSD.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Terry Corn\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Web Assistant - {04DCB78C-AB45-83AD-A86A-6DFB90277939} - C:\Program Files\psquery\psquery.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: 0 - {3B973FD2-D025-406E-94AF-CF16EBF0E20E} - C:\Program Files\Internet Explorer\tedaredas.dll
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: (no name) - {AFFD1644-5222-4F1D-9F32-CEEE7467AB36} - C:\Program Files\Windows NT\quroxuc.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Installer) - http://supportcenter...ad/tgctlins.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.a...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/n/us26/n.cab
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: DfLogon - C:\WINDOWS\SYSTEM32\LogonDll.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Client IP-IPX - Unknown owner - ".exe (file missing)
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Advertisements

Register to Remove

#2 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 05 April 2007 - 05:25 PM

Hello and Welcome to the forum.

I suggest you do this:

Double-click My Computer.
Click the Tools menu, and then click Folder Options.
Click the View tab.
Clear "Hide file extensions for known file types."
Under the "Hidden files" folder, select "Show hidden files and folders."
Clear "Hide protected operating system files."
Click Apply, and then click OK.

Please do not delete anything unless instructed to.

1.Click Start > Settings > Control Panel.
2.Next, open Add/Remove Programs and remove if listed:
SurfSideKick

Please download Ewido Anti-Malware

Install Ewido Anti-Malware
Launch Ewido, there should be an icon on your desktop, double-click it.
The program will now open to the main screen.
When you run Ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.

You will need to update Ewido to the latest definition files.

On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
(the status bar at the bottom will display ("Update successful")
Exit Ewido, do not run the scan yet!

If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Click My Computer, then C:\
In the menu bar, File->New->Folder.
That will create a folder named New Folder, which you can rename to "BFU"

Please download Brute Force Uninstaller.
Unzip it to its own folder (c:\BFU)

Next, RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcra Remover. Save it in the folder you made earlier (c:\BFU).

Do not run the Uninstaller and the Remover yet.

Please reboot into Safemode:
Turn on the computer.
Immediately begin tapping the F8 key.
Use the arrow keys to highlight Safe Mode and press the Enter key.

*Click on Ewido>Scanner
Then select "Settings"
Under the bottom section "What to Scan?" make sure "Scan every file" is checked.
Select "OK" and you will return to scanning options.
*Click on Complete System Scan and the scan will begin.

This scan can take quite a while to run, so please be patient .
While the scan is in progress, you will be prompted to clean the first infected file it finds. Choose Clean. Then put a check next to 'Perform action on all infections' . Doing this, enables the scan to proceed automatically until its completion. Click OK

When the scan finishes, click on "Save Report". This will create a text file.
** Make sure you know where to find this file again. The best place to save it would probably be your Desktop.
Now close Ewido Anti Malware.

Open My Computer and navigate to the c:\BFU folder. Start the Brute Force Uninstaller by doubleclicking BFU.exe

Behind the scriptline to execute field click the folder icon and select alcanshorty.bfu

Press execute and let it do its job.

Wait for the complete script execution box to pop up and press OK.
Press exit to terminate the BFU program.

Please run HijackThis, click Scan, and check the following:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
O2 - BHO: Web Assistant - {04DCB78C-AB45-83AD-A86A-6DFB90277939} - C:\Program Files\psquery\psquery.dll
O2 - BHO: 0 - {3B973FD2-D025-406E-94AF-CF16EBF0E20E} - C:\Program Files\Internet Explorer\tedaredas.dll
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O2 - BHO: (no name) - {AFFD1644-5222-4F1D-9F32-CEEE7467AB36} - C:\Program Files\Windows NT\quroxuc.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: DfLogon - C:\WINDOWS\SYSTEM32\LogonDll.dll
O23 - Service: Client IP-IPX - Unknown owner - ".exe (file missing)

Close all open windows except HijackThis, and click Fix Checked.

Reboot into normal windows and post the contents of Ewido text report that you saved and a new HiJackThis log.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#3 G35

New Member

New Member
5 posts

Posted 09 April 2007 - 02:12 PM

To LD Tate,

I have a feeling I may not have done something correctly with the scan but I did follow the instructions but I must admit to limited skills. The scan igorned some things I think need to be deleted but I could not get it to change once it had ignored them even on a reboot. Also when checking off items to delete with hijackthis the computer would not let this line be erased and sent an error message. 020 - AppInit_DLLs:dxclib303562752.dll Here is a copy of my scan and Hijack log.
Thanks for your help,

Terry

Logfile of HijackThis v1.99.1
Scan saved at 3:51:41 PM, on 4/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\MMKeybd.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\WINDOWS\system32\tbctray.exe
C:\Program Files\Common Files\{18188459-05CB-1033-0802-010402010001}\Update.exe
C:\Program Files\Netropa\OSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Terry Corn\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Installer) - http://supportcenter...ad/tgctlins.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.a...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/n/us26/n.cab
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\BFU\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

VG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:31:15 PM 4/9/2007

+ Scan result:

C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116099.exe -> Adware.180Solutions : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116101.exe -> Adware.180Solutions : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115700.exe -> Adware.888Bar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115737.exe -> Adware.888Bar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116756.exe -> Adware.888Bar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116810.exe -> Adware.888Bar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116855.exe -> Adware.888Bar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116919.exe -> Adware.888Bar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116755.dll -> Adware.Bar888 : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116879.dll -> Adware.Bar888 : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116918.dll -> Adware.Bar888 : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117629.dll -> Adware.CommAd : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117630.exe -> Adware.CommAd : Ignored.
C:\Program Files\DeluxeCommunications -> Adware.DeluxeCommunications : Ignored.
C:\Program Files\DeluxeCommunications\DxcBho.dll -> Adware.DeluxeCommunications : Ignored.
C:\Program Files\DeluxeCommunications\DxcCore.dll -> Adware.DeluxeCommunications : Ignored.
HKLM\SOFTWARE\Classes\CLSID\{A8BD6820-6ED7-423E-9558-2D1486B0FEEA} -> Adware.DeluxeCommunications : Ignored.
HKLM\SOFTWARE\DeluxeCommunications -> Adware.DeluxeCommunications : Ignored.
HKLM\SOFTWARE\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : Ignored.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DeluxeCommunications -> Adware.DeluxeCommunications : Ignored.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\DeluxeCommunications -> Adware.DeluxeCommunications : Ignored.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : Ignored.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DeluxeCommunications -> Adware.DeluxeCommunications : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116085.exe -> Adware.HotBar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116086.dll -> Adware.HotBar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116089.exe -> Adware.HotBar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116091.dll -> Adware.HotBar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116094.exe -> Adware.HotBar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116095.dll -> Adware.HotBar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116097.exe -> Adware.HotBar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116100.dll -> Adware.Hotbar : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116732.dll -> Adware.HotBar : Ignored.
C:\Documents and Settings\Andrew & Evan\Shared\finepix veiwer.exe -> Adware.Lop : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115629.dll -> Adware.NewDotNet : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116862.exe -> Adware.NewDotNet : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116863.exe -> Adware.NewDotNet : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116874.dll -> Adware.NewDotNet : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117236.exe -> Adware.NewDotNet : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117237.exe -> Adware.NewDotNet : Ignored.
C:\WINDOWS\system32\bund1\ClientBundle1.exe -> Adware.NewDotNet : Ignored.
C:\WINDOWS\system32\micro1\a1.exe -> Adware.NewDotNet : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117238.exe -> Adware.Pesttrap : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115869.dll -> Adware.PurityScan : Ignored.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Ignored.
C:\Program Files\Common Files\{18188459-05CB-1033-0802-010402010001}\Update.exe -> Adware.Softomate : Ignored.
C:\RECYCLER\S-1-5-18\Dc1\Update.exe -> Adware.Softomate : Ignored.
C:\RECYCLER\S-1-5-18\Dc1\system.dll -> Adware.Softomate : Ignored.
C:\RECYCLER\S-1-5-21-1390067357-152049171-854245398-1003\Dc2\Update.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115679.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115744.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115745.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115841.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115842.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116821.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116822.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116823.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116824.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116870.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116871.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116925.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116926.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116927.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116928.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP539\A0117275.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP539\A0117276.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117397.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117398.exe -> Adware.Softomate : Ignored.
[2116] C:\Program Files\Common Files\{18188459-05CB-1033-0802-010402010001}\Update.exe -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117239.exe -> Adware.Spysheriff : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117638.exe -> Adware.SurfSide : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117640.exe -> Adware.SurfSide : Ignored.
C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1004] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1052] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1104] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1148] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1204] C:\WINDOWS\System32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1252] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1320] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1364] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1604] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1676] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1692] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1752] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1796] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1836] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1880] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1900] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1932] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[1992] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[2008] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[2144] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[2168] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[2236] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[2320] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[2464] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[2496] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[2656] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[3068] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[328] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[3468] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[3956] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[408] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[776] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[824] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[836] C:\WINDOWS\system32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
[840] C:\WINDOWS\System32\dxclib303562752.dll -> Adware.SurfSide : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116773.exe -> Adware.Systemdoctor : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116774.dll -> Adware.Systemdoctor : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116775.exe -> Adware.Systemdoctor : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116787.exe -> Adware.Systemdoctor : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116788.exe -> Adware.Systemdoctor : Ignored.
C:\Program Files\SystemDoctor 2006 Free -> Adware.SystemDoctor2006 : Ignored.
C:\Program Files\SystemDoctor 2006 Free\hisbh.xml -> Adware.SystemDoctor2006 : Ignored.
C:\Program Files\SystemDoctor 2006 Free\lock.dat -> Adware.SystemDoctor2006 : Ignored.
C:\Program Files\SystemDoctor 2006 Free\sr.log -> Adware.SystemDoctor2006 : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116830.dll -> Adware.TargetServer : Ignored.
C:\Documents and Settings\Terry Corn\Desktop\backups\backup-20070409-140758-799.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115630.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115701.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115712.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115738.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\snapshot\MFEX-1.DAT -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116761.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116762.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116779.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116813.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116834.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116857.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116873.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116947.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0117148.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0117165.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0117174.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117214.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117245.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117267.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP539\snapshot\MFEX-1.DAT -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117300.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117345.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117350.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117368.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117376.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117393.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117401.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117422.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117556.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\snapshot\MFEX-1.DAT -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117570.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117594.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117600.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117617.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117622.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0118653.dll -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\snapshot\MFEX-1.DAT -> Adware.TTC : Ignored.
C:\WINDOWS\VTTC.exe -> Adware.TTC : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115714.exe -> Adware.WebHancer : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115715.dll -> Adware.WebHancer : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115716.dll -> Adware.WebHancer : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116713.exe -> Adware.WebHancer : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116714.dll -> Adware.WebHancer : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116716.exe -> Adware.WebHancer : Ignored.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\ToolBar -> Adware.WebSearch : Ignored.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\ToolBar\all -> Adware.WebSearch : Ignored.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\ToolBar\all\History -> Adware.WebSearch : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116786.exe -> Adware.WinFixer : Ignored.
C:\Documents and Settings\Terry Corn\Desktop\backups\backup-20070409-140758-851.dll -> Adware.ZQuest : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0118652.dll -> Adware.ZQuest : Ignored.
C:\WINDOWS\system32\micro1\a3.exe -> Adware.ZQuest : Ignored.
C:\Documents and Settings\Andrew Corn\Desktop\Autodesk Inventor 10 Pro.rar/Setup.exe -> Backdoor.IRCBot.dd : Ignored.
C:\Documents and Settings\Andrew Corn\My Documents\Autodesk Inventor 10 Pro.rar/Setup.exe -> Backdoor.IRCBot.dd : Ignored.
C:\Documents and Settings\Andrew Corn\My Documents\Autodesk Inventor Pro 11 DVD ISO.rar/Setup.exe -> Backdoor.IRCBot.dd : Ignored.
C:\Documents and Settings\Andrew Corn\My Documents\Autodesk Inventor v.11 iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\Autodesk Inventor 10 Pro.rar/Setup.exe -> Backdoor.IRCBot.dd : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\Autodesk Inventor Pro 11 DVD ISO.rar/Setup.exe -> Backdoor.IRCBot.dd : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\Autodesk Inventor v.11 iSO.rar/Setup.exe -> Backdoor.IRCBot.dd : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0118645.exe -> Backdoor.Rbot : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115736.exe -> Downloader.Agent.bca : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116753.exe -> Downloader.Agent.bca : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116809.exe -> Downloader.Agent.bca : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116852.exe -> Downloader.Agent.bca : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116891.exe -> Downloader.Agent.bca : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116917.exe -> Downloader.Agent.bca : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117372.exe -> Downloader.Agent.bca : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117441.exe -> Downloader.Agent.bca : Ignored.
C:\WINDOWS\system32\svchosts.exe -> Downloader.Agent.bca : Ignored.
C:\Documents and Settings\Andrew & Evan\Shared\(CLONECD) finepix veiwer (full version) [Radio.Version].zip/Setup.exe -> Downloader.Agent.bdr : Ignored.
C:\Documents and Settings\Andrew & Evan\Shared\(EViL) finepix veiwer _cracked_ (Extended.Edition).exe -> Downloader.Agent.bdr : Ignored.
C:\Documents and Settings\Andrew & Evan\Shared\[[[[[ finepix veiwer ]]]]] (Unreleased).zip/Setup.exe -> Downloader.Agent.bdr : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\(Centropy) inventor 10 (full) (Divx).zip/Setup.exe -> Downloader.Agent.bdr : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115873.exe -> Downloader.PurityScan.eb : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115875.exe -> Downloader.PurityScan.eh : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115877.exe -> Downloader.PurityScan.eh : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116829.exe -> Downloader.TSUpdate.f : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116828.exe -> Downloader.TSUpdate.l : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116835.exe -> Downloader.TSUpdate.n : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116827.exe -> Downloader.TSUpdate.r : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\Autodesk Inventor 10 Pro.exe -> Dropper.VB.lu : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\Autodesk Inventor Professional 10.exe -> Dropper.VB.lu : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\Autodesk Inventor Professional v11.exe -> Dropper.VB.lu : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\Autodesk Inventor v.11 iSO.exe -> Dropper.VB.lu : Ignored.
C:\Documents and Settings\Andrew Corn\Shared\Autodesk Inventor v11.exe -> Dropper.VB.lu : Ignored.
C:\WINDOWS\Downloaded Program Files\USDR6_7777_BHLP0611NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.q : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP534\A0115329.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : Ignored.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117235.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Ignored.
:mozilla.43:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.247realmedia : Ignored.
:mozilla.10:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.11:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.12:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.13:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.210:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.211:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.213:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.214:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.215:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.216:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.217:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.218:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.460:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.468:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@2o7[2].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@powellsbooks.122.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@nike.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
:mozilla.195:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.196:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.198:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.200:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@adbrite[1].txt -> TrackingCookie.Adbrite : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Ignored.
C:\Documents and Settings\LocalService\Cookies\system@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Ignored.
:mozilla.122:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Adjuggler : Ignored.
:mozilla.123:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Adjuggler : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ad.admarketplace[1].txt -> TrackingCookie.Admarketplace : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@admarketplace[1].txt -> TrackingCookie.Admarketplace : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@www.adobe[1].txt -> TrackingCookie.Adobe : Ignored.
:mozilla.42:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.43:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.44:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.45:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.46:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.47:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.48:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.694:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.695:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@adrevolver[3].txt -> TrackingCookie.Adrevolver : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@adrevolver[1].txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.10:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.11:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.13:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.8:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.9:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@advertising[1].txt -> TrackingCookie.Advertising : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@advertising[2].txt -> TrackingCookie.Advertising : Ignored.
:mozilla.12:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Atdmt : Ignored.
:mozilla.23:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@bfast[2].txt -> TrackingCookie.Bfast : Ignored.
:mozilla.572:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Bluestreak : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignored.
:mozilla.621:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Bridgetrack : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Ignored.
:mozilla.134:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.37:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.38:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.40:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Burstnet : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@burstnet[1].txt -> TrackingCookie.Burstnet : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@burstnet[2].txt -> TrackingCookie.Burstnet : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@www.burstnet[1].txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.142:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.143:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.144:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.145:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.146:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@casalemedia[2].txt -> TrackingCookie.Casalemedia : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.630:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.631:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Clickzs : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.55:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Com : Ignored.
:mozilla.659:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Com : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@com[1].txt -> TrackingCookie.Com : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@connextra[2].txt -> TrackingCookie.Connextra : Ignored.
:mozilla.62:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.63:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.64:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.65:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Cpvfeed : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ignored.
C:\Documents and Settings\LocalService\Cookies\system@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.340:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Dealtime : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@dealtime[2].txt -> TrackingCookie.Dealtime : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Ignored.
:mozilla.39:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@doubleclick[2].txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wfkoqpcpefo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wfkouhczwhq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wfkysjajmho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wfl4ciczikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjk4ckdjwko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjkoegc5ihp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjkowkdpolo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjkyokdjmlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjliciczgep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjligldjakq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjlyamdpogo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjlyaoc5alq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
:mozilla.688:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Euroclick : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@as-us.falkag[2].txt -> TrackingCookie.Falkag : Ignored.
C:\Documents and Settings\LocalService\Cookies\system@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Ignored.
:mozilla.111:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.112:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.25:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.26:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@fastclick[1].txt -> TrackingCookie.Fastclick : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@fastclick[1].txt -> TrackingCookie.Fastclick : Ignored.
C:\Documents and Settings\LocalService\Cookies\system@findwhat[2].txt -> TrackingCookie.Findwhat : Ignored.
:mozilla.40:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fortunecity : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@tracking.g3x[1].txt -> TrackingCookie.G3x : Ignored.
:mozilla.476:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.571:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.611:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ehg-bizjournals.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ehg-hollywoodmedia.hitbox[2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@hitbox[2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ehg-gamespyinc.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ehg-hollywoodmedia.hitbox[2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.500:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Idot : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@idot[1].txt -> TrackingCookie.Idot : Ignored.
:mozilla.635:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignored.
:mozilla.636:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignored.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@searchportal.information[2].txt -> TrackingCookie.Information : Ignored.
:mozilla.465:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Linksynergy : Ignored.
:mozilla.466:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Linksynergy : Ignored.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@linksynergy[1].txt -> TrackingCookie.Linksynergy : Ignored.
:mozilla.124:C:\Docu

#4 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 09 April 2007 - 03:41 PM

Lets try this again. Be sure to change the settings.

Once the setup is complete you will need run ewido and update the definition
files.
On the main screen select the icon "Update" then select the "
Update now" link.
- Next select the "Start Update" button, the update will start and a
  progress bar will show the updates being installed.
Once the update has completed select the "Scanner" icon at the top of
the screen, then select the "Settings" tab.
Once in the Settings screen click on "Recommended actions" and then
select " "DELETE" .".
Under "Reports"
- Select "Automatically generate report after every scan"
- Un-Select "Only if threats were found"

Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.

Reboot your computer into SafeMode. You can do this by restarting
your computer and continually tapping the F8 key until a menu appears.

Use your up arrow key to highlight SafeMode then hit enter.
IMPORTANT: Do not open any other windows or
programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
Select the "Scanner" icon at the top and then the "Scan" tab
then click on "Complete System Scan".
ewido will now begin the scanning process, be patient this may take a little
time.
Once the scan is complete do the following:
If you have any infections you will prompted, then select "Apply all
actions"
Next select the "Reports" icon at the top.
Select the "Save report as" button in the lower left hand of the
screen and save it to a text file on your system (make sure to remember where
you saved that file, this is important).
Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the
results of the AVG Anti-Spyware report scan along with a new HijackThis log.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#5 G35

New Member

New Member
5 posts

Posted 11 April 2007 - 07:53 PM

Hey LD Tate,
Hopefully I did a better job on the spyware scan in safemode this time. I made the sure the setting was on delete. I have included the new scan and a new hijacklog to look for any follow-up issues. Thanks again for your time.
Terry

Logfile of HijackThis v1.99.1
Scan saved at 9:31:23 PM, on 4/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\BFU\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\MMKeybd.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\WINDOWS\system32\tbctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Documents and Settings\Terry Corn\Desktop\HijackThis.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Installer) - http://supportcenter...ad/tgctlins.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.a...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/n/us26/n.cab
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\BFU\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Logfile of HijackThis v1.99.1
Scan saved at 9:31:23 PM, on 4/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\BFU\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\MMKeybd.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\WINDOWS\system32\tbctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Documents and Settings\Terry Corn\Desktop\HijackThis.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Installer) - http://supportcenter...ad/tgctlins.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.a...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/n/us26/n.cab
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\BFU\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:25:55 PM 4/11/2007

+ Scan result:

C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116099.exe -> Adware.180Solutions : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116101.exe -> Adware.180Solutions : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115700.exe -> Adware.888Bar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115737.exe -> Adware.888Bar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116756.exe -> Adware.888Bar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116810.exe -> Adware.888Bar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116855.exe -> Adware.888Bar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116919.exe -> Adware.888Bar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116755.dll -> Adware.Bar888 : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116879.dll -> Adware.Bar888 : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116918.dll -> Adware.Bar888 : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117629.dll -> Adware.CommAd : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117630.exe -> Adware.CommAd : No action taken.
C:\Program Files\DeluxeCommunications -> Adware.DeluxeCommunications : No action taken.
C:\Program Files\DeluxeCommunications\DxcBho.dll -> Adware.DeluxeCommunications : No action taken.
C:\Program Files\DeluxeCommunications\DxcCore.dll -> Adware.DeluxeCommunications : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{A8BD6820-6ED7-423E-9558-2D1486B0FEEA} -> Adware.DeluxeCommunications : No action taken.
HKLM\SOFTWARE\DeluxeCommunications -> Adware.DeluxeCommunications : No action taken.
HKLM\SOFTWARE\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DeluxeCommunications -> Adware.DeluxeCommunications : No action taken.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\DeluxeCommunications -> Adware.DeluxeCommunications : No action taken.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\DeluxeCommunications\Internet Explorer -> Adware.DeluxeCommunications : No action taken.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DeluxeCommunications -> Adware.DeluxeCommunications : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116085.exe -> Adware.HotBar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116086.dll -> Adware.HotBar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116089.exe -> Adware.HotBar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116091.dll -> Adware.HotBar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116094.exe -> Adware.HotBar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116095.dll -> Adware.HotBar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116097.exe -> Adware.HotBar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116100.dll -> Adware.Hotbar : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116732.dll -> Adware.HotBar : No action taken.
C:\Documents and Settings\Andrew & Evan\Shared\finepix veiwer.exe -> Adware.Lop : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115629.dll -> Adware.NewDotNet : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116862.exe -> Adware.NewDotNet : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116863.exe -> Adware.NewDotNet : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116874.dll -> Adware.NewDotNet : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117236.exe -> Adware.NewDotNet : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117237.exe -> Adware.NewDotNet : No action taken.
C:\WINDOWS\system32\bund1\ClientBundle1.exe -> Adware.NewDotNet : No action taken.
C:\WINDOWS\system32\micro1\a1.exe -> Adware.NewDotNet : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117238.exe -> Adware.Pesttrap : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115869.dll -> Adware.PurityScan : No action taken.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : No action taken.
C:\Program Files\Common Files\{18188459-05CB-1033-0802-010402010001}\Update.exe -> Adware.Softomate : No action taken.
C:\RECYCLER\S-1-5-18\Dc1\Update.exe -> Adware.Softomate : No action taken.
C:\RECYCLER\S-1-5-18\Dc1\system.dll -> Adware.Softomate : No action taken.
C:\RECYCLER\S-1-5-21-1390067357-152049171-854245398-1003\Dc2\Update.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115679.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115744.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115745.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115841.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115842.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116821.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116822.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116823.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116824.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116870.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116871.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116925.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116926.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116927.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116928.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP539\A0117275.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP539\A0117276.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117397.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117398.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117239.exe -> Adware.Spysheriff : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118702.dll -> Adware.SurfSide : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116773.exe -> Adware.Systemdoctor : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116774.dll -> Adware.Systemdoctor : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116775.exe -> Adware.Systemdoctor : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116787.exe -> Adware.Systemdoctor : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116788.exe -> Adware.Systemdoctor : No action taken.
C:\Program Files\SystemDoctor 2006 Free -> Adware.SystemDoctor2006 : No action taken.
C:\Program Files\SystemDoctor 2006 Free\hisbh.xml -> Adware.SystemDoctor2006 : No action taken.
C:\Program Files\SystemDoctor 2006 Free\lock.dat -> Adware.SystemDoctor2006 : No action taken.
C:\Program Files\SystemDoctor 2006 Free\sr.log -> Adware.SystemDoctor2006 : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116830.dll -> Adware.TargetServer : No action taken.
C:\Documents and Settings\Terry Corn\Desktop\backups\backup-20070409-140758-799.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115630.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115701.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115712.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115738.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\snapshot\MFEX-1.DAT -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116761.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116762.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116779.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116813.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116834.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116857.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116873.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116947.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0117148.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0117165.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0117174.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117214.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117245.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117267.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP539\snapshot\MFEX-1.DAT -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117300.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117345.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117350.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117368.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117376.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117393.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117401.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117422.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\A0117556.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP540\snapshot\MFEX-1.DAT -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117570.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117594.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117600.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117617.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0117622.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0118653.dll -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\snapshot\MFEX-1.DAT -> Adware.TTC : No action taken.
C:\WINDOWS\VTTC.exe -> Adware.TTC : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115714.exe -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115715.dll -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP535\A0115716.dll -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116713.exe -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116714.dll -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116716.exe -> Adware.WebHancer : No action taken.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\ToolBar -> Adware.WebSearch : No action taken.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\ToolBar\all -> Adware.WebSearch : No action taken.
HKU\S-1-5-21-1390067357-152049171-854245398-1003\Software\ToolBar\all\History -> Adware.WebSearch : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP537\A0116786.exe -> Adware.WinFixer : No action taken.
C:\Documents and Settings\Terry Corn\Desktop\backups\backup-20070409-140758-851.dll -> Adware.ZQuest : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP541\A0118652.dll -> Adware.ZQuest : No action taken.
C:\WINDOWS\system32\micro1\a3.exe -> Adware.ZQuest : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118698.exe -> Downloader.Agent.bca : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118692.exe -> Dropper.VB.lu : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118693.exe -> Dropper.VB.lu : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118694.exe -> Dropper.VB.lu : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118695.exe -> Dropper.VB.lu : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118696.exe -> Dropper.VB.lu : No action taken.
C:\WINDOWS\Downloaded Program Files\USDR6_7777_BHLP0611NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.q : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP534\A0115329.exe -> Not-A-Virus.Hoax.Win32.Renos.eo : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP538\A0117235.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : No action taken.
:mozilla.60:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.11:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.12:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.13:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.14:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.210:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.211:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.213:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.214:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.215:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.216:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.217:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.218:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.460:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.468:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@powellsbooks.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@nike.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.195:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.196:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.198:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.200:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ads.addynamix[2].txt -> TrackingCookie.Addynamix : No action taken.
C:\Documents and Settings\LocalService\Cookies\system@ads.addynamix[1].txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.137:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.138:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ad.admarketplace[1].txt -> TrackingCookie.Admarketplace : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@admarketplace[1].txt -> TrackingCookie.Admarketplace : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@www.adobe[1].txt -> TrackingCookie.Adobe : No action taken.
:mozilla.42:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.43:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.44:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.45:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.46:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.47:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.48:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.694:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.695:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@adrevolver[3].txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@adrevolver[1].txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.10:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.11:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.13:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.8:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.9:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.12:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.38:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@bfast[2].txt -> TrackingCookie.Bfast : No action taken.
:mozilla.572:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.621:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : No action taken.
:mozilla.149:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.37:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.38:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.40:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@www.burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.142:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.143:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.144:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.145:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.146:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@casalemedia[2].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.630:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.631:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.659:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.71:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@connextra[2].txt -> TrackingCookie.Connextra : No action taken.
:mozilla.78:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.79:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.80:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.81:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\LocalService\Cookies\system@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.340:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Dealtime : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@dealtime[2].txt -> TrackingCookie.Dealtime : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@stat.dealtime[2].txt -> TrackingCookie.Dealtime : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@stat.dealtime[1].txt -> TrackingCookie.Dealtime : No action taken.
:mozilla.39:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wfkoqpcpefo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wfkouhczwhq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wfkysjajmho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wfl4ciczikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjk4ckdjwko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjkoegc5ihp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjkowkdpolo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjkyokdjmlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjliciczgep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjligldjakq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjlyamdpogo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@e-2dj6wjlyaoc5alq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.688:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@as-eu.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@as-us.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\LocalService\Cookies\system@as-eu.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
:mozilla.111:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.112:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.15:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.16:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.29:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.30:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.31:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.32:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\LocalService\Cookies\system@findwhat[2].txt -> TrackingCookie.Findwhat : No action taken.
:mozilla.58:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Fortunecity : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@tracking.g3x[1].txt -> TrackingCookie.G3x : No action taken.
:mozilla.476:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.571:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.611:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ehg-bizjournals.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ehg-hollywoodmedia.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ehg-gamespyinc.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ehg-hollywoodmedia.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.500:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Idot : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@idot[1].txt -> TrackingCookie.Idot : No action taken.
:mozilla.635:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.636:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@searchportal.information[2].txt -> TrackingCookie.Information : No action taken.
:mozilla.465:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Linksynergy : No action taken.
:mozilla.466:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Linksynergy : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@linksynergy[1].txt -> TrackingCookie.Linksynergy : No action taken.
:mozilla.139:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.140:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.141:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.692:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.693:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@sales.liveperson[2].txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@image.masterstats[1].txt -> TrackingCookie.Masterstats : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@image.masterstats[1].txt -> TrackingCookie.Masterstats : No action taken.
:mozilla.78:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.79:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@mediaplex[2].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@mediaplex[2].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.371:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Msn : No action taken.
:mozilla.372:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Msn : No action taken.
:mozilla.373:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Msn : No action taken.
:mozilla.377:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Msn : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@search.msn[1].txt -> TrackingCookie.Msn : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@search.msn[1].txt -> TrackingCookie.Msn : No action taken.
:mozilla.273:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
:mozilla.430:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Netflame : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : No action taken.
:mozilla.107:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.423:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.454:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.455:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.456:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@data3.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@overture[2].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@overture[2].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@www.paypal[1].txt -> TrackingCookie.Paypal : No action taken.
:mozilla.61:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.62:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.63:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.64:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.680:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.681:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.685:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@qksrv[2].txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.109:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.110:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.124:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.125:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@questionmarket[1].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@real[2].txt -> TrackingCookie.Real : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@www.real[1].txt -> TrackingCookie.Real : No action taken.
:mozilla.111:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.49:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.50:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.51:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@realmedia[1].txt -> TrackingCookie.Realmedia : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@realmedia[1].txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.450:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
:mozilla.100:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.101:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.102:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.103:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.104:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.105:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.106:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.107:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.108:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.109:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.112:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.113:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.114:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.115:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@revsci[2].txt -> TrackingCookie.Revsci : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@revsci[1].txt -> TrackingCookie.Revsci : No action taken.
:mozilla.201:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.202:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.203:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.204:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.205:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@edge.ru4[2].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.380:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.381:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.383:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.385:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.386:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.574:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.642:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.643:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.665:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.666:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.705:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@starware[2].txt -> TrackingCookie.Starware : No action taken.
:mozilla.307:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.308:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.312:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.317:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.130:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.33:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.34:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.35:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.36:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.41:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.661:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@anad.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@anat.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@anad.tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@anat.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.161:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.131:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.132:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.133:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.134:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.135:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.136:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.137:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.138:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.139:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@trafficmp[2].txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@trafficmp[1].txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.125:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Trafic : No action taken.
:mozilla.126:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.133:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.147:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.50:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.51:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.52:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.53:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.54:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.55:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.333:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.335:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.336:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@webstat[1].txt -> TrackingCookie.Web-stat : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@m.webtrends[1].txt -> TrackingCookie.Webtrends : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@m.webtrends[1].txt -> TrackingCookie.Webtrends : No action taken.
:mozilla.359:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.407:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.410:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.411:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.412:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.413:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@free.wegcash[2].txt -> TrackingCookie.Wegcash : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@programs.wegcash[2].txt -> TrackingCookie.Wegcash : No action taken.
:mozilla.44:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.45:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.46:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.47:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.48:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.49:C:\Documents and Settings\Terry Corn\Application Data\Mozilla\Firefox\Profiles\fubm5j4i.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.77:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.80:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.81:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.82:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.83:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.84:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.85:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.86:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.91:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.92:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.93:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.94:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.95:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.149:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.150:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.151:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.152:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.153:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.154:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.155:C:\Documents and Settings\Andrew Corn\Application Data\Mozilla\Firefox\Profiles\j712x32h.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
C:\Documents and Settings\Andrew & Evan\Cookies\andrew & evan@zedo[2].txt -> TrackingCookie.Zedo : No action taken.
C:\Documents and Settings\Andrew Corn\Cookies\andrew corn@zedo[2].txt -> TrackingCookie.Zedo : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118697.exe -> Trojan.Obfuscated.en : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118699.vbs -> Trojan.Small : No action taken.
C:\System Volume Information\_restore{A42E15E2-C712-416B-A8E9-526ECA370114}\RP542\A0118700.exe -> Trojan.Small.mf : No action taken.

::Report end

#6 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 11 April 2007 - 08:03 PM

Note: This will remove all previous Restore Points

Turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer, turn it back on.

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Remove the Check Turn off System Restore.
Click Apply, and then click OK.

Next:

Please download ATF Cleaner by Atribune.
Download - ATF Cleaner»

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

(If you use FireFox or the Opera browser
To keep saved passwords, click No at the prompt.)

It's normal after running ATF cleaner that the PC will be slower to boot the first time.

[*]Reboot your computer into SafeMode. You can do this by restarting
your computer and continually tapping the F8 key until a menu appears.

Use your up arrow key to highlight SafeMode then hit enter.
IMPORTANT: Do not open any other windows or
programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
[*]Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
[*]Select the "Scanner" icon at the top and then the "Scan" tab
then click on "Complete System Scan".
[*]ewido will now begin the scanning process, be patient this may take a little
time.
Once the scan is complete do the following:
[*]If you have any infections you will prompted, then select "Apply all
actions"
[*]Next select the "Reports" icon at the top.
[*]Select the "Save report as" button in the lower left hand of the
screen and save it to a text file on your system (make sure to remember where
you saved that file, this is important).
[*]Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the
results of the AVG Anti-Spyware report scan along with a new HijackThis log.
[/list]

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#7 G35

New Member

New Member
5 posts

Posted 11 April 2007 - 09:57 PM

Hey LD Tate,
Things look clear on the scan but you will need to check the hijack log. I do have this one continuing issue on startup I get this information box that states " RTL unable to start driver for hpoipm07.exe" I can click on it but it will not go away and it was not fixed by this last clean up. Any suggestions? Here are the logs:

AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:38:33 PM 4/11/2007

+ Scan result:

Nothing found.

::Report end

Logfile of HijackThis v1.99.1
Scan saved at 11:44:47 PM, on 4/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\BFU\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\WINDOWS\MMKeybd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\WINDOWS\system32\tbctray.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Terry Corn\Desktop\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Installer) - http://supportcenter...ad/tgctlins.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.a...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/n/us26/n.cab
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\BFU\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

#8 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 12 April 2007 - 03:35 PM

" RTL unable to start driver for hpoipm07.exe"

Try re-installing your HP Printer.

I suggest you do this:

Please do not delete anything unless instructed to.

1.Click Start > Settings > Control Panel.
2.Next, open Add/Remove Programs and remove if listed:
Viewpoint Manager

Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a Check in the box on the left side on these:

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - (no file)
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O20 - AppInit_DLLs: dxclib303562752.dll
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Close ALL windows and browsers except HijackThis and click "Fix checked"

Next:

1. launch Notepad (Start>All Programs>Accessories), and copy/paste all the BOLD REGEDIT below to it. Don't forget to include REGEDIT4.
Save in: Desktop
File Name: fixme.reg
Save as Type: All files
Click: Save

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

2. Save this text as fixme.reg. Make sure the "Save as type:" is "All Files (*.*)" and save it to your desktop. Include the word REGEDIT4

3. Double-click on fixme.reg. When it asks you to merge the information to the registry click Yes.

4.Empty Recycle Bin

Reboot and "copy/paste" a new log file into this thread.
Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#9 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 15 April 2007 - 06:35 AM

How are you doing with the fix?

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#10 G35

New Member

New Member
5 posts

Posted 15 April 2007 - 04:07 PM

LD,

Sorry for delay in getting back to you but I have been out of town. I was able to remove the Viewpoint Manager and to run the hijackthis like you requested checking the correct lines then clicking the Fix checked. After this I lost my mind and could not follow the rest of your instructions. I am sure it is simple but sometimes I just get locked up and can't get going no matter how many times I start over. Also, I tried to delete my HP Printer to reinstall the software but when I went to add and delete programs and clicked on it it would not let me remove the program so I could reinstall it.

I ran another AVG scan in safe mode it was still clear. Here is my latest. hijackthis log.

Thanks again for your time,
Terry

Logfile of HijackThis v1.99.1
Scan saved at 5:46:26 PM, on 4/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\BFU\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\WINDOWS\MMKeybd.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\WINDOWS\system32\tbctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Terry Corn\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Installer) - http://supportcenter...ad/tgctlins.cab
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.a...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/n/us26/n.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\BFU\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DF5Serv - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe

#11 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 15 April 2007 - 04:12 PM

I tried to delete my HP Printer to reinstall the software but when I went to add and delete programs and clicked on it it would not let me remove the program so I could reinstall it.

If you are you still getting that error, then put the HP printer CD in the CD drive and let it install.

Log looks good:

Double-click My Computer.
Click the Tools menu, and then click Folder Options.
Click the View tab.
Check "Hide file extensions for known file types."
Under the "Hidden files" folder, Uncheck "Show hidden files and folders."
Check "Hide protected operating system files."
Click Apply, and then click OK.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

#12 LDTate

Grand Poobah

Root Admin
57,211 posts

Posted 22 April 2007 - 08:47 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Coyote's Installed programs for prevention:

http://forums.tomcoy...showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

If you would like to for the help you received.

Proud graduate of TC/WTT Classroom

Body Background

skin color theme