Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93112 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Baseline Hi Jack Log

Started by Howard Atkins , Apr 19 2007 11:41 PM

  • Please log in to reply
15 replies to this topic

#1 Howard Atkins

Howard Atkins

    New Member

  • New Member
  • Pip
  • 8 posts

Posted 19 April 2007 - 11:41 PM

Hijacks for these and other sites

http://www.errorprot...71BA6964213C7D4
http://www.winantivi...71BA6964213C7D4
http://www.amaena.co...71BA6964213C7D4

Firefox crashes which it never did before

Logfile of HijackThis v1.99.1
Scan saved at 08:39:35, on 20/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Howard\Desktop\security\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: _URLHandler - {FA1CC83B-E99A-45C2-B2F7-5CE576B7953A} - C:\PROGRA~1\X-RAYF~1\INSTAN~1\sfquick.dll
R3 - URLSearchHook: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~2\fdiebar.dll
O3 - Toolbar: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\hmlnqhte.dll",setvm
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FreshDownload - {A5D8A5B6-BCEA-4CDB-94AC-1710B52974C7} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\Software\..\Telephony: DomainName = lan.raviv.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = lan.raviv.com
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Lenovo PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
O23 - Service: Retrospect Helper - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\rthlpsvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe

Thank you very much

    Advertisements

Register to Remove

#2 Markka

Markka

    Advanced Member

  • Banned
  • PipPipPipPip
  • 784 posts

Posted 20 April 2007 - 06:33 AM

Hi and welcome to the forums. :) I'm Markka and I will be helping you with your malware issues. I'll check your HijackThis log. Right now I'm MRU Undergrad, everything that I post to you must be checked by teachers of Malware Removal University. Please be patient. :)

#3 Markka

Markka

    Advanced Member

  • Banned
  • PipPipPipPip
  • 784 posts

Posted 20 April 2007 - 01:47 PM

Hello :)

Rename HijackThis.exe to Scanner.exe and after that post a fresh HijackThis log to here :)

#4 Howard Atkins

Howard Atkins

    New Member

  • New Member
  • Pip
  • 8 posts

Posted 20 April 2007 - 03:39 PM

Thank you
I have been trying to remove with spybot and removed winvirus pro but windows would not start and I returned it

Logfile of HijackThis v1.99.1
Scan saved at 00:37:19, on 21/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Howard\Desktop\security\hijackthis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: _URLHandler - {FA1CC83B-E99A-45C2-B2F7-5CE576B7953A} - C:\PROGRA~1\X-RAYF~1\INSTAN~1\sfquick.dll
R3 - URLSearchHook: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O2 - BHO: (no name) - {170240F9-734D-425D-805E-5EC427B54A07} - C:\WINDOWS\system32\ursqp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - (no file)
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~2\fdiebar.dll
O3 - Toolbar: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FreshDownload - {A5D8A5B6-BCEA-4CDB-94AC-1710B52974C7} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\Software\..\Telephony: DomainName = lan.raviv.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B263F67-4DC7-49F0-8EB4-DF9E1CF82CB6}: NameServer = 212.179.44.3 212.179.44.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = lan.raviv.com
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: RegCompact - C:\WINDOWS\SYSTEM32\RegCompact.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: ursqp - C:\WINDOWS\system32\ursqp.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wintsu32 - wintsu32.dll (file missing)
O20 - Winlogon Notify: xxyvwvu - xxyvwvu.dll (file missing)
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Lenovo PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
O23 - Service: Retrospect Helper - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\rthlpsvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe


Thank you

#5 Markka

Markka

    Advanced Member

  • Banned
  • PipPipPipPip
  • 784 posts

Posted 21 April 2007 - 02:58 AM

Hello :)


Please download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

#6 Howard Atkins

Howard Atkins

    New Member

  • New Member
  • Pip
  • 8 posts

Posted 21 April 2007 - 11:19 PM

Thank you,

after Vundofix hikacks

http://89.188.16.10/......mp;lid=http>
www.systemdoctor.com/download/2006/?p=19&ax=1&ex=1&ed=2&mpt=1177218856&aid=ffnm_ik_ff_ron&lid=http%3E&affid=nm_67298_B78F6FD2E4CD11DBA09F003048895BFC_78209083+F873E073A50F40A2B71BA6964213C7D4
Both in IE 6, Firefox is the default browser and the URL www.israrail.org. was open in firfox but with the IE rendering tool.
Firefox continue to crash, I will disable the IE rendering agent


VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 21:55:40 20/04/2007

Listing files found while scanning....


VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 22:50:12 20/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\pqsru.bak2
C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini2
C:\WINDOWS\system32\pqsru.tmp
C:\WINDOWS\system32\ursqp.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\pqsru.bak2
C:\WINDOWS\system32\pqsru.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini2
C:\WINDOWS\system32\pqsru.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.tmp
C:\WINDOWS\system32\pqsru.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\ursqp.dll
C:\WINDOWS\system32\ursqp.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini2
C:\WINDOWS\system32\pqsru.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ursqp.dll
C:\WINDOWS\system32\ursqp.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Logfile of HijackThis v1.99.1
Scan saved at 08:04:56, on 22/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Documents and Settings\Howard\Desktop\security\hijackthis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: _URLHandler - {FA1CC83B-E99A-45C2-B2F7-5CE576B7953A} - C:\PROGRA~1\X-RAYF~1\INSTAN~1\sfquick.dll
R3 - URLSearchHook: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O2 - BHO: (no name) - {30ECFE5A-E59E-4C48-98C0-4140241955EA} - C:\WINDOWS\system32\ursqp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - (no file)
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~2\fdiebar.dll
O3 - Toolbar: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FreshDownload - {A5D8A5B6-BCEA-4CDB-94AC-1710B52974C7} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\Software\..\Telephony: DomainName = lan.raviv.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lan.raviv.com
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: RegCompact - C:\WINDOWS\SYSTEM32\RegCompact.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: ursqp - C:\WINDOWS\system32\ursqp.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wintsu32 - wintsu32.dll (file missing)
O20 - Winlogon Notify: xxyvwvu - xxyvwvu.dll (file missing)
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Lenovo PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
O23 - Service: Retrospect Helper - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\rthlpsvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe

Thanks for the help

#7 Howard Atkins

Howard Atkins

    New Member

  • New Member
  • Pip
  • 8 posts

Posted 21 April 2007 - 11:22 PM

After I posted this hijack
http://www.winantivi...71BA6964213C7D4

Thanks

#8 Markka

Markka

    Advanced Member

  • Banned
  • PipPipPipPip
  • 784 posts

Posted 22 April 2007 - 03:36 AM

Hello :)


Please download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Put a check next to Run VundoFix as a task.
  • You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
  • When VundoFix re-opens,Click Scan for Vundo button.
  • Once the scan is complete, Right Click inside the listbox (white box) and click add more files
  • Copy&Paste the 2 entries below into the top 2 boxes

    • C:\WINDOWS\system32\ursqp.dll
    • C:\WINDOWS\system32\pqsru.*
  • Click Add Files and Click Close Window
  • Click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will shutdown your computer, click OK.
  • Turn your computer back on.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.

#9 Howard Atkins

Howard Atkins

    New Member

  • New Member
  • Pip
  • 8 posts

Posted 22 April 2007 - 05:55 AM

Hello

I could not find any way of "Put a check next to Run VundoFix as a task."
I ran the fix added the files and with the reboot windows did not load properly. I tried last know configuration and this did not boot properly.
I did a system restore to about 3 hours before this and ran Vundofix again added the files and the computer booted ok

undoFix V6.3.19

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 21:55:40 20/04/2007

Listing files found while scanning....


VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 22:50:12 20/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\pqsru.bak2
C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini2
C:\WINDOWS\system32\pqsru.tmp
C:\WINDOWS\system32\ursqp.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\pqsru.bak2
C:\WINDOWS\system32\pqsru.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini2
C:\WINDOWS\system32\pqsru.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.tmp
C:\WINDOWS\system32\pqsru.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\ursqp.dll
C:\WINDOWS\system32\ursqp.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini2
C:\WINDOWS\system32\pqsru.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ursqp.dll
C:\WINDOWS\system32\ursqp.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 12:53:11 22/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\pqsru.bak1
C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini2
C:\WINDOWS\system32\pqsru.tmp
C:\WINDOWS\system32\ursqp.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\pqsru.bak1
C:\WINDOWS\system32\pqsru.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini2
C:\WINDOWS\system32\pqsru.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.tmp
C:\WINDOWS\system32\pqsru.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\ursqp.dll
C:\WINDOWS\system32\ursqp.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 14:18:04 22/04/2007

Listing files found while scanning....


VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 14:21:05 22/04/2007

Listing files found while scanning....


VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 14:25:11 22/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\pqsru.bak1
C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\ursqp.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\pqsru.bak1
C:\WINDOWS\system32\pqsru.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqsru.ini
C:\WINDOWS\system32\pqsru.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ursqp.dll
C:\WINDOWS\system32\ursqp.dll Has been deleted!

Performing Repairs to the registry.
Done!


Logfile of HijackThis v1.99.1
Scan saved at 14:52:02, on 22/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\br_funcs.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE
C:\Program Files\Symantec AntiVirus\DoScan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Documents and Settings\Howard\Desktop\security\hijackthis\scanner.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: _URLHandler - {FA1CC83B-E99A-45C2-B2F7-5CE576B7953A} - C:\PROGRA~1\X-RAYF~1\INSTAN~1\sfquick.dll
R3 - URLSearchHook: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O2 - BHO: (no name) - {1FCAC625-57BE-4308-9A37-6A87097B3DB3} - C:\WINDOWS\system32\ursqp.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - (no file)
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~2\fdiebar.dll
O3 - Toolbar: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FreshDownload - {A5D8A5B6-BCEA-4CDB-94AC-1710B52974C7} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\Software\..\Telephony: DomainName = lan.raviv.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lan.raviv.com
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: RegCompact - C:\WINDOWS\SYSTEM32\RegCompact.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wintsu32 - wintsu32.dll (file missing)
O20 - Winlogon Notify: xxyvwvu - xxyvwvu.dll (file missing)
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Lenovo PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: Windows Live OneCare (winss) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\winss.exe (file missing)



Thanks again for all you trouble

All the best

#10 Markka

Markka

    Advanced Member

  • Banned
  • PipPipPipPip
  • 784 posts

Posted 23 April 2007 - 06:19 AM

Hello :)


Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
  • Install AVG Anti-Spyware by double clicking the installer.
  • Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
  • On the main screen under Your Computer's security.
    • Click on Change state next to Resident shield. It should now change to inactive.
    • Click on Change state next to Automatic updates. It should now change to inactive.
    • Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
    • Wait until you see the Update succesfull message.
  • Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.
AVG Anti-Spyware manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Open HijackThis, Click Do a system scan only, checkmark these. Then close all others windows except HijackThis and press fix checked.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: _URLHandler - {FA1CC83B-E99A-45C2-B2F7-5CE576B7953A} - C:\PROGRA~1\X-RAYF~1\INSTAN~1\sfquick.dll
O2 - BHO: (no name) - {1FCAC625-57BE-4308-9A37-6A87097B3DB3} - C:\WINDOWS\system32\ursqp.dll (file missing)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - (no file)
O20 - Winlogon Notify: wintsu32 - wintsu32.dll (file missing)
O20 - Winlogon Notify: xxyvwvu - xxyvwvu.dll (file missing)


Make your hidden files visible:
  • Click start
  • Click my computer
  • Select the Tools menu and click Folder Options.
  • After the new window appears select the View tab.
  • Put a checkmark in the checkbox labeled Display the contents of system folders.
  • Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
  • Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
  • Remove the checkmark from the checkbox labeled Hide protected operating system files.
  • Press the Apply button and then the OK button and shutdown My Computer.

Please download ATF-cleaner and save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.

    If you use Firefox browser:

  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser:

  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.

Please then reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.

Delete this file: (if found)
C:\Program files\X-RAYF~1\INSTAN~1\sfquick.dll


Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
  • Click on Scanner on the toolbar.
  • Click on the Settings tab.
    • Under How to act?
      • Click on Recommended Action and choose Quarantine from the popup menu.
    • Under How to scan?
      • All checkboxes should be ticked.
    • Under Possibly unwanted software:
      • All checkboxes should be ticked.
    • Under Reports:
      • Select Automatically generate report after every scan and uncheck Only if threats were found.
    • Under What to scan?
      • Select Scan every file.
  • Click on the Scan tab.
  • Click on Complete System Scan to start the scan process.
  • Let the program scan the machine.
  • When the scan has finished, follow the instructions below.
    IMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
    • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
    • At the bottom of the window click on the Apply all Actions button. (3)
      Posted Image
  • When done, click the Save Scan Report button. (4)
    • Click the Save Report as button.
    • Save the report to your Desktop.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Reboot in Normal Mode.



Post:
- A fresh HijackThis log
- AVG's log

    Advertisements

Register to Remove

#11 Howard Atkins

Howard Atkins

    New Member

  • New Member
  • Pip
  • 8 posts

Posted 24 April 2007 - 09:15 AM

Thaqnk you for your continual help

Logfile of HijackThis v1.99.1
Scan saved at 18:10:04, on 24/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec AntiVirus\DoScan.exe
C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\Documents and Settings\Howard\Desktop\security\hijackthis\scanner.exe

R3 - URLSearchHook: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O2 - BHO: (no name) - {1FCAC625-57BE-4308-9A37-6A87097B3DB3} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~2\fdiebar.dll
O3 - Toolbar: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FreshDownload - {A5D8A5B6-BCEA-4CDB-94AC-1710B52974C7} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\Software\..\Telephony: DomainName = lan.raviv.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lan.raviv.com
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: RegCompact - C:\WINDOWS\SYSTEM32\RegCompact.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Lenovo PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: Windows Live OneCare (winss) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\winss.exe (file missing)



---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 17:58:36 24/04/2007

+ Scan result:



:mozilla.502:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.247realmedia : Error during cleaning.
:mozilla.160:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.161:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.161:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.162:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.162:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.163:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.163:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.164:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.164:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.165:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.165:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.166:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.166:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.167:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.167:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.168:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.168:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.169:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.169:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.170:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.170:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.171:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.171:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.172:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.172:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.173:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.173:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.174:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.174:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.175:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.175:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.176:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.176:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.177:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.177:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.178:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.179:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.180:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.181:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.182:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.183:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.184:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.185:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.186:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.187:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.188:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.189:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.190:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.191:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.192:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.193:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.194:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.195:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.196:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.197:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.198:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.199:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.200:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.201:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.202:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.203:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.204:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.205:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.206:C:\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.236:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.313:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.345:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.647:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.710:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.718:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.788:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.844:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.946:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.207:C:\cookies.txt -> TrackingCookie.Abcsearch : Error during cleaning.
:mozilla.561:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.562:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.587:C:\cookies.txt -> TrackingCookie.Admarketplace : Error during cleaning.
:mozilla.731:C:\cookies.txt -> TrackingCookie.Adobe : Error during cleaning.
:mozilla.732:C:\cookies.txt -> TrackingCookie.Adobe : Error during cleaning.
:mozilla.654:C:\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.655:C:\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.656:C:\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.672:C:\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.870:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.871:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.573:C:\cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.574:C:\cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.575:C:\cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.576:C:\cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.577:C:\cookies.txt -> TrackingCookie.Adserver : Error during cleaning.
:mozilla.230:C:\cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.231:C:\cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.977:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.978:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.179:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.180:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.181:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.182:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.183:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.46:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Atdmt : Error during cleaning.
:mozilla.243:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Bluestreak : Error during cleaning.
:mozilla.26:C:\cookies.txt -> TrackingCookie.Burstnet : Error during cleaning.
:mozilla.27:C:\cookies.txt -> TrackingCookie.Burstnet : Error during cleaning.
:mozilla.100:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.101:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.102:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.103:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.104:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.105:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.778:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.779:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.97:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.98:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.99:C:\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.124:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Castup : Error during cleaning.
:mozilla.289:C:\cookies.txt -> TrackingCookie.Centrport : Error during cleaning.
:mozilla.290:C:\cookies.txt -> TrackingCookie.Centrport : Error during cleaning.
:mozilla.801:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Centrport : Error during cleaning.
:mozilla.293:C:\cookies.txt -> TrackingCookie.Clickbank : Error during cleaning.
:mozilla.590:C:\cookies.txt -> TrackingCookie.Clickhype : Error during cleaning.
:mozilla.178:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Cnn : Error during cleaning.
:mozilla.592:C:\cookies.txt -> TrackingCookie.Cnn : Error during cleaning.
:mozilla.593:C:\cookies.txt -> TrackingCookie.Co : Error during cleaning.
:mozilla.150:C:\cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.151:C:\cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.152:C:\cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.153:C:\cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.154:C:\cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.90:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.595:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Commission-junction : Error during cleaning.
:mozilla.596:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Commission-junction : Error during cleaning.
:mozilla.45:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Doubleclick : Error during cleaning.
:mozilla.883:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.150:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Estat : Error during cleaning.
:mozilla.551:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.84:C:\cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.85:C:\cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.86:C:\cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.87:C:\cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.88:C:\cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.89:C:\cookies.txt -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.414:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.415:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.323:C:\cookies.txt -> TrackingCookie.Findwhat : Error during cleaning.
:mozilla.139:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Gemius : Error during cleaning.
:mozilla.140:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Gemius : Error during cleaning.
:mozilla.350:C:\cookies.txt -> TrackingCookie.Gemius : Error during cleaning.
:mozilla.114:C:\cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning.
:mozilla.149:C:\cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning.
:mozilla.279:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning.
:mozilla.808:C:\cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning.
:mozilla.809:C:\cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning.
:mozilla.810:C:\cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning.
:mozilla.103:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.104:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.105:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.230:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.232:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.547:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.700:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.719:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.722:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.759:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.760:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.794:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.797:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.808:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.839:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.840:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.843:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.860:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.901:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.912:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.264:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Hotlog : Error during cleaning.
:mozilla.100:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Imrworldwide : Error during cleaning.
:mozilla.101:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Imrworldwide : Error during cleaning.
:mozilla.364:C:\cookies.txt -> TrackingCookie.Imrworldwide : Error during cleaning.
:mozilla.365:C:\cookies.txt -> TrackingCookie.Imrworldwide : Error during cleaning.
:mozilla.77:C:\cookies.txt -> TrackingCookie.Intelli-direct : Error during cleaning.
:mozilla.556:C:\cookies.txt -> TrackingCookie.Intelli-tracker : Error during cleaning.
:mozilla.947:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Live : Error during cleaning.
:mozilla.948:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Live : Error during cleaning.
:mozilla.949:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Live : Error during cleaning.
:mozilla.115:C:\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.116:C:\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.117:C:\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.692:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.693:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.694:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.701:C:\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.702:C:\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.703:C:\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.704:C:\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.705:C:\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.91:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.96:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.695:C:\cookies.txt -> TrackingCookie.Msn : Error during cleaning.
:mozilla.696:C:\cookies.txt -> TrackingCookie.Msn : Error during cleaning.
:mozilla.849:C:\cookies.txt -> TrackingCookie.Myaffiliateprogram : Error during cleaning.
:mozilla.123:C:\cookies.txt -> TrackingCookie.Navrcholu : Error during cleaning.
:mozilla.713:C:\cookies.txt -> TrackingCookie.Onestat : Error during cleaning.
:mozilla.714:C:\cookies.txt -> TrackingCookie.Onestat : Error during cleaning.
:mozilla.715:C:\cookies.txt -> TrackingCookie.Onestat : Error during cleaning.
:mozilla.716:C:\cookies.txt -> TrackingCookie.Onestat : Error during cleaning.
:mozilla.717:C:\cookies.txt -> TrackingCookie.Onestat : Error during cleaning.
:mozilla.718:C:\cookies.txt -> TrackingCookie.Onestat : Error during cleaning.
:mozilla.719:C:\cookies.txt -> TrackingCookie.Onestat : Error during cleaning.
:mozilla.450:C:\cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.451:C:\cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.455:C:\cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.588:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.589:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.590:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.789:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.69:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.69:C:\cookies.txt -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.226:C:\cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.227:C:\cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.228:C:\cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.229:C:\cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.748:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.749:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.750:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.751:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.323:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Pro-market : Error during cleaning.
:mozilla.324:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Pro-market : Error during cleaning.
:mozilla.325:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Pro-market : Error during cleaning.
:mozilla.462:C:\cookies.txt -> TrackingCookie.Pro-market : Error during cleaning.
:mozilla.463:C:\cookies.txt -> TrackingCookie.Pro-market : Error during cleaning.
:mozilla.464:C:\cookies.txt -> TrackingCookie.Pro-market : Error during cleaning.
:mozilla.465:C:\cookies.txt -> TrackingCookie.Pro-market : Error during cleaning.
:mozilla.466:C:\cookies.txt -> TrackingCookie.Qksrv : Error during cleaning.
:mozilla.467:C:\cookies.txt -> TrackingCookie.Qksrv : Error during cleaning.
:mozilla.845:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Qksrv : Error during cleaning.
:mozilla.846:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Qksrv : Error during cleaning.
:mozilla.470:C:\cookies.txt -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.525:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.526:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.472:C:\cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.473:C:\cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.474:C:\cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.475:C:\cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.847:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.848:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.849:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.850:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.95:C:\cookies.txt -> TrackingCookie.Revenue : Error during cleaning.
:mozilla.869:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.92:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.93:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.94:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.95:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.97:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.98:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.99:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.867:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Ru4 : Error during cleaning.
:mozilla.868:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Ru4 : Error during cleaning.
:mozilla.237:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.238:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.239:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.240:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.241:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.242:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.490:C:\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.491:C:\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.492:C:\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.493:C:\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.610:C:\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.144:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.606:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.607:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.608:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.609:C:\cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.635:C:\cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.636:C:\cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.637:C:\cookies.txt -> TrackingCookie.Sitestat : Error during cleaning.
:mozilla.39:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Skype : Error during cleaning.
:mozilla.40:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Skype : Error during cleaning.
:mozilla.41:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Skype : Error during cleaning.
:mozilla.717:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Skype : Error during cleaning.
:mozilla.979:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Smartadserver : Error during cleaning.
:mozilla.223:C:\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.725:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.265:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Spylog : Error during cleaning.
:mozilla.501:C:\cookies.txt -> TrackingCookie.Spylog : Error during cleaning.
:mozilla.128:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.129:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.130:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.131:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.132:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.133:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.134:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.135:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.136:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.137:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.138:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.139:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.140:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.141:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.142:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.143:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.144:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.145:C:\cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.57:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.58:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.59:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.60:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.61:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.62:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.63:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.64:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.65:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.660:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Statistik-gallup : Error during cleaning.
:mozilla.423:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.424:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.509:C:\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.510:C:\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.796:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.522:C:\cookies.txt -> TrackingCookie.Toplist : Error during cleaning.
:mozilla.582:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Total-media : Error during cleaning.
:mozilla.455:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Tradedoubler : Error during cleaning.
:mozilla.456:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Tradedoubler : Error during cleaning.
:mozilla.523:C:\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.524:C:\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.525:C:\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.526:C:\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.527:C:\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.528:C:\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.791:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.792:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.793:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.255:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Trafic : Error during cleaning.
:mozilla.83:C:\cookies.txt -> TrackingCookie.Trafic : Error during cleaning.
:mozilla.530:C:\cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.73:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.256:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Valuead : Error during cleaning.
:mozilla.257:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Valuead : Error during cleaning.
:mozilla.258:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Valuead : Error during cleaning.
:mozilla.259:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Valuead : Error during cleaning.
:mozilla.260:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Valuead : Error during cleaning.
:mozilla.261:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Valuead : Error during cleaning.
:mozilla.262:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Valuead : Error during cleaning.
:mozilla.534:C:\cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.361:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.362:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.363:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.706:C:\cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.707:C:\cookies.txt -> TrackingCookie.Web-stat : Error during cleaning.
:mozilla.43:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Webtrends : Error during cleaning.
:mozilla.812:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.566:C:\cookies.txt -> TrackingCookie.Yadro : Error during cleaning.
:mozilla.106:C:\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.107:C:\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.108:C:\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.109:C:\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.110:C:\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.233:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.234:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.235:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.578:C:\cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.579:C:\cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.580:C:\cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.855:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Zedo : Error during cleaning.
:mozilla.856:C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv/cookies.txt -> TrackingCookie.Zedo : Error during cleaning.


::Report end

#12 Markka

Markka

    Advanced Member

  • Banned
  • PipPipPipPip
  • 784 posts

Posted 25 April 2007 - 08:13 AM

Hello :)

Open HijackThis, Click Do a system scan only, checkmark this. Then close all others windows except HijackThis and press fix checked.

O2 - BHO: (no name) - {1FCAC625-57BE-4308-9A37-6A87097B3DB3} - (no file)


Please download ATF-cleaner and save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.

    If you use Firefox browser:

  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser:

  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.

Panda online scanner works only with IE!

  • Please go HERE to run PandaActiveScan...

  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)

  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report.



Post:
- A fresh HijackThis log
- The report of Panda

#13 Howard Atkins

Howard Atkins

    New Member

  • New Member
  • Pip
  • 8 posts

Posted 26 April 2007 - 03:13 AM

Thank you for your continual support.
The hijacking seems to be gone at the moment

Here are the reports


Incident Status Location

Adware:adware/windowenhancer Not disinfected c:\windows\system32\SBUtils
Spyware:Cookie/BurstNet Not disinfected C:\cookies.txt[.burstnet.com/]
Spyware:Cookie/Falkag Not disinfected C:\cookies.txt[.as-us.falkag.net/]
Spyware:Cookie/Belnk Not disinfected C:\cookies.txt[.ath.belnk.com/]
Spyware:Cookie/Belnk Not disinfected C:\cookies.txt[.belnk.com/]
Spyware:Cookie/WUpd Not disinfected C:\cookies.txt[.revenue.net/]
Spyware:Cookie/Belnk Not disinfected C:\cookies.txt[.dist.belnk.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\cookies.txt[.casalemedia.com/]
Spyware:Cookie/YieldManager Not disinfected C:\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\cookies.txt[server.iad.liveperson.net/hc/76611681]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\cookies.txt[server.iad.liveperson.net/]
Spyware:Cookie/Maxserving Not disinfected C:\cookies.txt[.maxserving.com/]
Spyware:Cookie/Statcounter Not disinfected C:\cookies.txt[.statcounter.com/]
Spyware:Cookie/Tucows Not disinfected C:\cookies.txt[.tucows.com/]
Spyware:Cookie/Com.com Not disinfected C:\cookies.txt[.com.com/]
Spyware:Cookie/2o7 Not disinfected C:\cookies.txt[.112.2o7.net/]
Spyware:Cookie/2o7 Not disinfected C:\cookies.txt[.2o7.net/]
Spyware:Cookie/Abcsearch Not disinfected C:\cookies.txt[.abcsearch.com/]
Spyware:Cookie/PointRoll Not disinfected C:\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/Adtech Not disinfected C:\cookies.txt[.adtech.de/]
Spyware:Cookie/Apmebf Not disinfected C:\cookies.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\cookies.txt[.atwola.com/]
Spyware:Cookie/bravenetA Not disinfected C:\cookies.txt[.bravenet.com/]
Spyware:Cookie/CentrPort Not disinfected C:\cookies.txt[.centrport.net/]
Spyware:Cookie/Clickbank Not disinfected C:\cookies.txt[.clickbank.net/]
Spyware:Cookie/Findwhat Not disinfected C:\cookies.txt[.findwhat.com/]
Spyware:Cookie/Go Not disinfected C:\cookies.txt[.go.com/]
Spyware:Cookie/GoStats Not disinfected C:\cookies.txt[.gostats.com/]
Spyware:Cookie/Lop Not disinfected C:\cookies.txt[.mp3search.ru/]
Spyware:Cookie/Overture Not disinfected C:\cookies.txt[.overture.com/]
Spyware:Cookie/Overture Not disinfected C:\cookies.txt[.perf.overture.com/]
Spyware:Cookie/QkSrv Not disinfected C:\cookies.txt[.qksrv.net/]
Spyware:Cookie/QuestionMarket Not disinfected C:\cookies.txt[.questionmarket.com/]
Spyware:Cookie/RealMedia Not disinfected C:\cookies.txt[.realmedia.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\cookies.txt[.serving-sys.com/]
Spyware:Cookie/SpyLog Not disinfected C:\cookies.txt[.spylog.com/]
Spyware:Cookie/Toplist Not disinfected C:\cookies.txt[.toplist.cz/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Intelli-tracker Not disinfected C:\cookies.txt[.www.intelli-tracker.com/]
Spyware:Cookie/Xiti Not disinfected C:\cookies.txt[.xiti.com/]
Spyware:Cookie/Yadro Not disinfected C:\cookies.txt[.yadro.ru/]
Spyware:Cookie/Adserver Not disinfected C:\cookies.txt[.z1.adserver.com/]
Spyware:Cookie/Zedo Not disinfected C:\cookies.txt[.zedo.com/]
Spyware:Cookie/Secrets Not disinfected C:\cookies.txt[advertisers-secrets.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\cookies.txt[bs.serving-sys.com/]
Spyware:Cookie/GoStats Not disinfected C:\cookies.txt[c3.gostats.com/]
Spyware:Cookie/Humanclick Not disinfected C:\cookies.txt[hc2.humanclick.com/]
Spyware:Cookie/Humanclick Not disinfected C:\cookies.txt[hc2.humanclick.com/hc/48515196]
Spyware:Cookie/Humanclick Not disinfected C:\cookies.txt[hc2.humanclick.com/hc/75850083]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\cookies.txt[server.iad.liveperson.net/hc/20368012]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\cookies.txt[server.iad.liveperson.net/hc/52423075]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\cookies.txt[server.iad.liveperson.net/hc/89574035]
Spyware:Cookie/onestat.com Not disinfected C:\cookies.txt[stat.onestat.com/]
Spyware:Cookie/myaffiliateprogram Not disinfected C:\cookies.txt[www.myaffiliateprogram.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-1.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-10.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-11.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-12.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-13.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-14.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-15.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-16.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-17.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-18.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-19.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-2.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-20.txt[.go.com/]
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-21.txt[.metriweb.be/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-21.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-22.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-3.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-4.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-5.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-6.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-7.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-8.txt[.go.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Howard\Application Data\Mozilla\Firefox\Profiles\s8e2bqq3.default\cookies-9.txt[.go.com/]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[hc2.humanclick.com/]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[hc2.humanclick.com/hc/75850083]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[hc2.humanclick.com/hc/48515196]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[.belnk.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[.dist.belnk.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[.ath.belnk.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[.atwola.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[.go.com/]
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\HowardA\Application Data\Mozilla\Firefox\Profiles\ufwh8gmh.default\cookies.txt[.tucows.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.doubleclick.net/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.atdmt.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.statcounter.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.tribalfusion.com/]
Spyware:Cookie/Com.com Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.com.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.mediaplex.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.hitbox.com/]
Spyware:Cookie/MetriWeb Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.metriweb.be/]
Spyware:Cookie/2o7 Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.2o7.net/]
Spyware:Cookie/Advertising Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.advertising.com/]
Spyware:Cookie/Atwola Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.atwola.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][ad.yieldmanager.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.bs.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.serving-sys.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.bluestreak.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.bravenet.com/]
Spyware:Cookie/HotLog Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.hotlog.ru/]
Spyware:Cookie/SpyLog Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.spylog.com/]
Spyware:Cookie/FastClick Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.fastclick.net/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.tradedoubler.com/]
Spyware:Cookie/Humanclick Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][hc2.humanclick.com/hc/64849153]
Spyware:Cookie/Humanclick Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][hc2.humanclick.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.247realmedia.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.questionmarket.com/]
Spyware:Cookie/360i Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.ct.360i.com/]
Spyware:Cookie/Overture Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.overture.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.apmebf.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][server.iad.liveperson.net/hc/34292599]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][server.iad.liveperson.net/]
Spyware:Cookie/PointRoll Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.ads.pointroll.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.casalemedia.com/]
Spyware:Cookie/Overture Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.perf.overture.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.trafficmp.com/]
Spyware:Cookie/CentrPort Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.centrport.net/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][statse.webtrendslive.com/]
Spyware:Cookie/QkSrv Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.qksrv.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.realmedia.com/]
Spyware:Cookie/Zedo Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.zedo.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.adrevolver.com/]
Spyware:Cookie/Adtech Not disinfected C:\Program Files\MozBackup 1.4.5 ENG\Firefox 2.0 en-GB - 2007-02-21.pcv[cookies.txt][.adtech.de/]



Logfile of HijackThis v1.99.1
Scan saved at 12:11:07, on 26/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Flexigen\ActualDoc\bin\actualdocagent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Howard\Desktop\security\hijackthis\scanner.exe

R3 - URLSearchHook: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~2\fdiebar.dll
O3 - Toolbar: Israel Radio Toolbar - {5dc2c36d-747c-4fee-8bc3-e86c21981440} - C:\Program Files\Israel_Radio\tbIsra.dll
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ActualDoc.lnk = ?
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FreshDownload - {A5D8A5B6-BCEA-4CDB-94AC-1710B52974C7} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - https://www-307.ibm....ntent/AcpIR.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lan.raviv.com
O17 - HKLM\Software\..\Telephony: DomainName = lan.raviv.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lan.raviv.com
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: RegCompact - C:\WINDOWS\SYSTEM32\RegCompact.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Lenovo PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: Windows Live OneCare (winss) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\winss.exe (file missing)



Thank you

#14 Markka

Markka

    Advanced Member

  • Banned
  • PipPipPipPip
  • 784 posts

Posted 26 April 2007 - 09:50 AM

Hello :)


Delete this folder:
C:\windows\system32\SBUtils

Otherwise your HijackThis log is clean. How is your computer running now?

#15 Howard Atkins

Howard Atkins

    New Member

  • New Member
  • Pip
  • 8 posts

Posted 26 April 2007 - 10:37 PM

It seems to be OK. I would like to thank you very much for the help that you have given me and others. :thumbup: :thumbup:

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·