# Microsoft Visual C++ Runtime Library for Maple Story



## illman (Nov 23, 2006)

I had the same problem...here's the log

Logfile of HijackThis v1.99.1
Scan saved at 2:20:43 PM, on 11/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\AOL\1141882642\ee\AOLSoftware.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ananda\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dslstart.verizon.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\ViewBarBHO.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar7.dll (file missing)
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar7.dll (file missing)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\IEViewBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1141882642\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Tanima\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/tgctlcm.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab50997.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab50997.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


----------



## illman (Nov 23, 2006)

also maplestory doesn't show in my add/remove programs...wat's up with that, i hope someone can help me here


----------



## eddie5659 (Mar 19, 2001)

Hiya and welcome

I've split you off into your own thread, as its easier to work on one person's problem at a time 

I'll get someone to take a look at your log, as you have some infection there.

Regards

eddie


----------



## Cookiegal (Aug 27, 2003)

Hi and welcome to TSG,

Many people seem to be having problems with this particular game.

Go to Add/Remove programs and uninstall New.Net (NewDotNet). If it will not uninstall do this:

Go *here* and scroll to the bottom of the page to *Procedure 4* and download and run the New.Net uninstaller.

*Should you lose your Internet connection *as a result of removing NewDotNet, please do this:

Go to *Start *- *Run *- typein *cmd *and click OK.

At the command prompt type in:

*netsh winsock reset catalog*

Press enter.

then type in:

*netsh int ip reset resetlog.txt*

Press enter.

You will need to reboot afterwards.

Download *AVG Anti-Spyware* from *HERE* and save that file to your desktop.

When the trial period expires it becomes feature-limited freeware but is still worth keeping as a good on-demand scanner.


Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double click it to launch the set up program.
Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
On the main screen select the icon "*Update*" then select the "*Update now*" link.
Next select the "*Start Update*" button. The update will start and a progress bar will show the updates being installed.

Once the update has completed, select the "*Scanner*" icon at the top of the screen, then select the "*Settings*" tab.
Once in the Settings screen click on "*Recommended actions*" and then select "*Quarantine*".
Under "*Reports*"
Select "*Automatically generate report after every scan*"
Un-Select "*Only if threats were found*"

Close AVG Anti-Spyware. Do Not run a scan just yet, we will run it in safe mode.
Reboot your computer into *Safe Mode*. You can do this by restarting your computer and continually tapping the *F8* key until a menu appears. Use your up arrow key to highlight *Safe Mode* then hit enter.

*IMPORTANT:* Do not open any other windows or programs while AVG Anti-Spyware is scanning as it may interfere with the scanning process:

Launch AVG Anti-Spyware by double clicking the icon on your desktop.
Select the "*Scanner*" icon at the top and then the "*Scan*" tab then click on "*Complete System Scan*".
AVG will now begin the scanning process. Please be patient as this may take a little time.
*Once the scan is complete, do the following:*
If you have any infections you will be prompted. Then select "*Apply all actions.*"
Next select the "*Reports*" icon at the top.
Select the "*Save report as*" button in the lower lef- hand of the screen and save it to a text file on your system (make sure to remember where you saved that file. This is important).
Close AVG Anti-Spyware and reboot your system back into Normal Mode.

Please go *HERE* to run Panda's ActiveScan
Once you are on the Panda site click the *Scan your PC* button
A new window will open...click the *Check Now* button
Enter your *Country*
Enter your *State/Province*
Enter your *e-mail address* and click *send*
Select either *Home User* or *Company*
Click the big *Scan Now* button
If it wants to install an ActiveX component allow it
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
When download is complete, click on *My Computer* to start the scan
When the scan completes, if anything malicious is detected, click the *See Report* button, *then Save Report* and save it to a convenient location. Post the contents of the ActiveScan report

*Come back here and post a new HijackThis log along with the logs from the AVG and Panda scans.*


----------



## illman (Nov 23, 2006)

Hey, it's me again with the maple story runtime error problem. I did the full system scan that you told me to, but I waited for almost 5 hours, then it just froze. Now what should I do? I really need some help. Just to say that I miss maplestory so much and I haven't played it for almost 5 months now. Please Reply!


----------



## Cookiegal (Aug 27, 2003)

Sorry I didn't reply sooner. I never received notification of your reply.

Which scan froze. AVG or Panda?


----------



## illman (Nov 23, 2006)

Oh, it was the AVG and it froze after it was still scanning for like 5 hours


----------



## Cookiegal (Aug 27, 2003)

Try doing a fast system scan instead of the full system scan and see if that completes.

Also, please run the Panda scan and post the results.


----------



## illman (Nov 23, 2006)

Ok Thanks a lot. I'll try that.


----------



## Cookiegal (Aug 27, 2003)

:up:


----------



## illman (Nov 23, 2006)

I did the fast system scan that you told me to and here are the results for AVG:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:	7:03:36 PM 12/19/2006

+ Scan result:

C:\WINDOWS\Downloaded Program Files\__delete_on_reboot__v_z_b_b_._d_l_l_ -> Adware.MegaSearch : Ignored.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Ignored.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Ignored.
HKU\S-1-5-21-3382822115-1265261335-3581706867-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Ignored.
C:\WINDOWS\system32\rlvknlg.exe -> Adware.RK : Ignored.
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Ignored.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhenUSaveMsg -> Adware.SaveNow : Ignored.
HKLM\SOFTWARE\WhenUSave -> Adware.SaveNow : Ignored.
HKLM\SOFTWARE\WhenUSave\Partners -> Adware.SaveNow : Ignored.
HKLM\SOFTWARE\WhenUSave\Partners\SNYG -> Adware.SaveNow : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.247realmedia : Ignored.
:mozilla.19:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.20:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.21:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
:mozilla.41:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.43:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.44:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Adbrite : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Addynamix : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Admarketplace : Ignored.
:mozilla.59:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.60:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.74:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.75:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.76:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Adrevolver : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Adtech : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Adtrak : Ignored.
:mozilla.61:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.62:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.63:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.64:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Advertising : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : Ignored.
:mozilla.25:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Ignored.
:mozilla.57:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Bfast : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Bfast : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Bluestreak : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Ignored.
:mozilla.106:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Burstbeacon : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Ignored.
:mozilla.100:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.101:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.99:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Burstnet : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.40:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.42:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.45:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.46:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.47:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Clickbank : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Com : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Coremetrics : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Coremetrics : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Counted : Ignored.
:mozilla.18:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Doubleclick : Ignored.
:mozilla.102:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.103:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.104:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.105:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Euroclick : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Ignored.
:mozilla.88:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.90:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.91:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.92:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.93:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.94:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.95:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Fastclick : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Hitslink : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hypertracker : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Liveperson : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Liveperson : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Ignored.
:mozilla.109:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Mediaplex : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Mediaplex : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Myaffiliateprogram : Ignored.
:mozilla.172:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Ignored.
:mozilla.173:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.174:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.175:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.176:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Pointroll : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Popuptraffic : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Qksrv : Ignored.
:mozilla.167:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Questionmarket : Ignored.
:mozilla.168:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Questionmarket : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Questionmarket : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Realcastmedia : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Revenue : Ignored.
:mozilla.146:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.147:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.148:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.149:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.150:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.151:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Ru4 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.135:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Specificclick : Ignored.
:mozilla.136:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Specificclick : Ignored.
:mozilla.137:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Specificclick : Ignored.
:mozilla.138:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Specificclick : Ignored.
:mozilla.145:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Specificclick : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Specificclick : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Starware : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Starware : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.107:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.108:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.129:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Targetnet : Ignored.
:mozilla.130:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Targetnet : Ignored.
:mozilla.134:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Targetnet : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Targetnet : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Targetnet : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Tradedoubler : Ignored.
:mozilla.65:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.66:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.67:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.68:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.69:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.70:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.71:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.72:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Trafficmp : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.48:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.49:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.50:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.51:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.52:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.53:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.54:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.55:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.56:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.116:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Valuead : Ignored.
:mozilla.117:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Valuead : Ignored.
:mozilla.118:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Valuead : Ignored.
:mozilla.119:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Valuead : Ignored.
:mozilla.120:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Valuead : Ignored.
:mozilla.121:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Valuead : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Valuead : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Valuead : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Valueclick : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Ignored.
:mozilla.131:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.132:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.133:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Ignored.
C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Zedo : Ignored.

::Report end

Here are the results for the Panda Active Scan:


----------



## illman (Nov 23, 2006)

Sorry I have to split it up because I can ony put 30000 characters.


----------



## illman (Nov 23, 2006)

Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Ananda\Cookies\[email protected][2].txt 
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Ananda\Cookies\[email protected][1].txt 
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Ananda\Cookies\[email protected][1].txt 
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Ananda\Cookies\[email protected][1].txt 
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Ananda\Cookies\[email protected][2].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Ananda\Cookies\[email protected][1].txt 
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Ananda\Cookies\[email protected][1].txt 
Potentially unwanted tool:Application/Zango Not disinfected C:\Documents and Settings\Ananda\Desktop\spamblockerutility.exe[SBTVSetup.exe][SBTV.exe] 
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.2o7.net/] 
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.atwola.com/] 
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.doubleclick.net/] 
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.atdmt.com/] 
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.questionmarket.com/] 
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.ads.pointroll.com/] 
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.serving-sys.com/] 
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.mediaplex.com/] 
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt[.statcounter.com/] 
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][3].txt 
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt  
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt  
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt  
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt 
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.atwola.com/] 
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.doubleclick.net/] 
Spyware:Cookie/2o7


----------



## illman (Nov 23, 2006)

Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.atdmt.com/] 
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.casalemedia.com/] 
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.tribalfusion.com/]  
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.bfast.com/] 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.adrevolver.com/] 
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.advertising.com/] 
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.trafficmp.com/] 
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.fastclick.net/] 
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.burstnet.com/] 
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[www.burstbeacon.com/] 
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.mediaplex.com/] 
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.realmedia.com/] 
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.targetnet.com/] 
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[ad.yieldmanager.com/] 
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.targetnet.com/] 
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.questionmarket.com/] 
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.overture.com/] 
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\rarxmwnz.default\cookies.txt[.ads.pointroll.com/] 
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][3].txt 
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt  
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Bilbo.counted Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt  
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt  
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt  
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Server.iad.Liveperson


----------



## illman (Nov 23, 2006)

Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt  
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][2].txt 
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\[email protected][1].txt 
Spyware:Cookie/SexList Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.sexlist.com/] 
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[searchportal.information.com/] 
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.fastclick.net/] 
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.advertising.com/] 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.adrevolver.com/]  
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.advertising.com/] 
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.atdmt.com/] 
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.azjmp.com/] 
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.overture.com/] 
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[counter.hitslink.com/]


----------



## illman (Nov 23, 2006)

Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[server.iad.liveperson.net/] 
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.perf.overture.com/]  
Spyware:Cookie/Findwhat Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.findwhat.com/] 
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[server.iad.liveperson.net/hc/14150385] 
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.casalemedia.com/] 
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[ad.yieldmanager.com/] 
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.revenue.net/] 
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.doubleclick.net/] 
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.realmedia.com/] 
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.webpower.com/] 
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.adultfriendfinder.com/] 
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[statse.webtrendslive.com/] 
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.hitbox.com/]  
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.ehg-eline.hitbox.com/] 
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[landing.domainsponsor.com/] 
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[stat.onestat.com/] 
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.cs.sexcounter.com/] 
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.statcounter.com/] 
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.zedo.com/] 
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.serving-sys.com/] 
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.ads.pointroll.com/] 
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.mediaplex.com/] 
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.xiti.com/] 
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.atwola.com/] 
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.2o7.net/] 
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.questionmarket.com/] 
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.tribalfusion.com/] 
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.com.com/] 
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Shah Alam\Application Data\Mozilla\Firefox\Profiles\f2n6iapy.default\cookies.txt[.z1.adserver.com/] 
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][3].txt 
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][1].txt 
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Shah Alam\Cookies\shah [email protected][2].txt 
Adware:Adware/Trymedia Not disinfected C:\Downloads\BunchSetup-dm[1].exe 
Adware:Adware/Trymedia Not disinfected C:\Downloads\Chainz2_Setup-dm[1].exe 
Adware:Adware/Trymedia Not disinfected C:\Downloads\ChuzzleSetup-dm[1].exe 
Adware:Adware/Trymedia Not disinfected C:\Downloads\DropExtremeSetup-dm[1].exe 
Adware:Adware/Trymedia Not disinfected C:\Downloads\LockerSetup-dm[1].exe 
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe 
Spyware:Spyware/New.net  Not disinfected C:\Program Files\Real Bowling\NNSUNA3_88.exe 
Spyware:Spyware/New.net Not disinfected C:\Program Files\Real Pool\NNSUNA3_88.exe 
Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\ACM.dll 
Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\ffext.mod 
Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\Save.exe 
Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\SaveUninst.exe 
Potentially unwanted tool:Application/DriveCleaner Not disinfected C:\RECYCLER\S-1-5-21-3382822115-1265261335-3581706867-1008\Dc690.exe 
Adware:Adware/Naupoint Not disinfected C:\WINDOWS\Downloaded Program Files\__delete_on_reboot__v_z_b_b_._d_l_l_


----------



## Cookiegal (Aug 27, 2003)

Clean your Cache and Cookies in IE: 
Close all instances of Outlook Express and Internet Explorer 
Go to Control Panel > Internet Options > General tab 
Click the "Delete Cookies" button 
Next to it, Click the "Delete Files" button 
When prompted, place a check in: "Delete all offline content", click OK
*
Clean your Cache and Cookies in Firefox: 
Click Privacy in the menu on the left side of the Options window. 
Click the Clear button located to the right of each option (History, Cookies, Cache). 
Click OK to close the Options window
Alternatively, you can clear all information stored while browsing by clicking Clear All. 
A confirmation dialog box will be shown before clearing the information


Now try and do the full system scan with AVG-AS but be sure to follow my previous instructions so that it quarantines what it found. If the full scan won't run, do the quick scan again but quarantine the items.


Then run another Panda scan and post the results along with a new HijackThis log. AVG-AS will have eliminated some stuff.


----------



## illman (Nov 23, 2006)

ok thanks, I hope it will work


----------



## Cookiegal (Aug 27, 2003)

Me too.


----------



## illman (Nov 23, 2006)

Hey it's me again. Here's the results for the AVG results:

AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:	7:43:37 PM 12/21/2006

+ Scan result:

C:\WINDOWS\Downloaded Program Files\__delete_on_reboot__v_z_b_b_._d_l_l_ -> Adware.MegaSearch : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Error during cleaning.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Error during cleaning.
C:\WINDOWS\system32\rlvknlg.exe -> Adware.RK : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Error during cleaning.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhenUSaveMsg -> Adware.SaveNow : Error during cleaning.
HKLM\SOFTWARE\WhenUSave -> Adware.SaveNow : Error during cleaning.
HKLM\SOFTWARE\WhenUSave\Partners -> Adware.SaveNow : Error during cleaning.
HKLM\SOFTWARE\WhenUSave\Partners\SNYG -> Adware.SaveNow : Error during cleaning.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned.

::Report end


----------



## illman (Nov 23, 2006)

Hey, the I tried the Panda Scan a few scans but it doesn't work. What do you think I should do?


----------



## Cookiegal (Aug 27, 2003)

What happens when you try to run Panda?


----------



## illman (Nov 23, 2006)

Here's what happens when it finishes loading one bar:

An error has occurred downloading Panda ActiveScan. Please repeat the process. If the error occurs again, restart your system and try againPossible causes of this error are: 

Not allowing the application's ActiveX control to be downloaded. 

Problems with the Internet connection. 

The error could be due to a download error or an installation error due to lack of hard disk space, privileges etc.


----------



## illman (Nov 23, 2006)

I restarted the computer a few times but it still doesn't work. Do you know why it's not working?


----------



## Cookiegal (Aug 27, 2003)

!! Reset your ActiveX security settings like so... Go to Internet Options > Security > Internet, press 'default level', then OK. 
Now press "Custom Level." 
In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'. 



Then try running Panda again please.


----------



## illman (Nov 23, 2006)

ok thanks, I will post the results in a few.


----------



## Cookiegal (Aug 27, 2003)

:up:


----------



## illman (Nov 23, 2006)

I don't understand, I did what you said and then tried the panda scan. It still doesn't work and says "try again".


----------



## Cookiegal (Aug 27, 2003)

That's weird. You were able to run it before.

Download the Hoster from here UnZip the file and press "Restore Original Hosts" and press "OK". Exit Program.

Then try again please.


----------



## illman (Nov 23, 2006)

Just to say that when the panda scan loads at first, the bar fills up and it's really fast, and then another one appears. When that one is finished, it says "try again". Thats what happened


----------



## Cookiegal (Aug 27, 2003)

Let's try this one instead:

Run Kaspersky online virus scan *Kaspersky Online Scanner*.

After the updates have downloaded, click on the "Scan Settings" button.
Choose the *"Extended database" *for the scan.
Under "Please select a target to scan", click "My Computer".
When the scan is finished, Save the results from the scan!

*Note:* You have to use Internet Explorer to do the online scan.

*Post a new HiJackThis log along with the results from Kaspersky scan*


----------



## illman (Nov 23, 2006)

Ok, thanks. I hope this one works.


----------



## Cookiegal (Aug 27, 2003)

:up:


----------



## illman (Nov 23, 2006)

Hey sorry I didn't post something earlier. In a few minutes, I will post the results as I am downloading the scan right now.


----------



## illman (Nov 23, 2006)

Hello I was gone and sorry I didn't reply sooner. I did ran the Kaspersky Online Scanner a few times but at the end it always says "Failed to download" and that I need administrator's privelages. The Admin's account is my sister's account and I even tried to download it there, but it's still not working. What should I do?


----------



## Cookiegal (Aug 27, 2003)

Please post a new HijackThis log.


----------



## illman (Nov 23, 2006)

What do you mean by "Hijack this log" ? Sorry,


----------



## Cookiegal (Aug 27, 2003)

Like you did in your very first post.


----------



## illman (Nov 23, 2006)

hello cookie gal. Sorry for the wait. Here are the Result---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:	6:18:53 PM 1/14/2007

+ Scan result:

HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : No action taken.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhenUSaveMsg -> Adware.SaveNow : No action taken.
HKLM\SOFTWARE\WhenUSave -> Adware.SaveNow : No action taken.
HKLM\SOFTWARE\WhenUSave\Partners -> Adware.SaveNow : No action taken.
HKLM\SOFTWARE\WhenUSave\Partners\SNYG -> Adware.SaveNow : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.35:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.36:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Addynamix : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][3].txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.21:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Bfast : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Clickbank : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Com : No action taken.
:mozilla.22:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.20:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Pro-market : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.23:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.24:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Zedo : No action taken.

::Report ends:


----------



## illman (Nov 23, 2006)

Oh ya and Happy New Year!


----------



## Cookiegal (Aug 27, 2003)

Happy New Year to you too.

You need to run AVG-AS again and follow my previous instructions carefully so that it quarantines what it found and post the log.


Then, post a new HijackThis log please.


----------



## illman (Nov 23, 2006)

Ok, got it. Thanks.


----------



## Cookiegal (Aug 27, 2003)

:up:


----------



## illman (Nov 23, 2006)

Is this what you are looking for? 

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:	6:49:00 PM 1/15/2007

+ Scan result:

HKU\S-1-5-21-3382822115-1265261335-3581706867-1014\Software\DriveCleaner 2006 Free -> Adware.DriveCleaner : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Error during cleaning.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Error during cleaning.
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Error during cleaning.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhenUSaveMsg -> Adware.SaveNow : Error during cleaning.
HKLM\SOFTWARE\WhenUSave -> Adware.SaveNow : Error during cleaning.
HKLM\SOFTWARE\WhenUSave\Partners -> Adware.SaveNow : Error during cleaning.
HKLM\SOFTWARE\WhenUSave\Partners\SNYG -> Adware.SaveNow : Error during cleaning.
[3732] C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe -> Adware.WinFixer : Error during cleaning.
[3780] C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe -> Adware.WinFixer : Error during cleaning.
[3816] C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe -> Adware.WinFixer : Cleaned with backup (quarantined).
[3828] C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.35:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.36:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.22:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.20:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Pro-market : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.23:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.24:C:\Documents and Settings\Ananda.GENIUS\Application Data\Mozilla\Firefox\Profiles\ejy8jwuy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Zedo : Cleaned.

::Report end


----------



## Cookiegal (Aug 27, 2003)

Go to Control Panel - Add/Remove programs and remove these, if there:

*NewdotNet
DriveCleaner 2006 Free
WhenUSave*

Reboot and run AVG-AS again and post the results please.


----------



## illman (Nov 23, 2006)

Ok. Thanks, I'll do that.


----------



## Cookiegal (Aug 27, 2003)

:up:


----------



## illman (Nov 23, 2006)

here's the AVG Anti-Spyware - Scan Report

+ Created at:	7:34:20 PM 1/24/2007

+ Scan result:

HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Error during cleaning.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Error during cleaning.
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Error during cleaning.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Ananda.GENIUS\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end


----------



## Cookiegal (Aug 27, 2003)

May I see a new HijackThis log please?


----------



## illman (Nov 23, 2006)

wat do you mean by a new hijackthis log?? please explain


----------



## Cookiegal (Aug 27, 2003)

A log like you posted in your very first post.


----------



## illman (Nov 23, 2006)

Sorry for the very late post, here is the logfile of hijackthis 

Logfile of HijackThis v1.99.1
Scan saved at 5:29:45 PM, on 2/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\AOL\1141882642\ee\AOLSoftware.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\WINDOWS\RTHDCPL.EXE
c:\windows\system\hpsysdrv.exe
C:\DOCUME~1\ANANDA~1.GEN\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\ViewBarBHO.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar7.dll (file missing)
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar7.dll (file missing)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\IEViewBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1141882642\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Tanima\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/tgctlcm.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab50997.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab50997.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


----------



## Cookiegal (Aug 27, 2003)

I'm attaching a Fixillman.zip file to this post. Save it to your desktop. Unzip it and double click on the Fixillman.reg file and allow it to enter into the registry.

Go to Control Panel - Add/Remove programs and remove:

*WildTangent
DriveCleaner 2006 Free*

You may also want to remove the Viewpoint Toolbar as it's considered to be foistware.

Rescan with HijackThis, close all browser windows except HijackThis, put a check mark beside these entries and click *fix checked*.

*O15 - Trusted Zone: http://*.trymedia.com (HKLM)*

Reboot and post a new HijackThis log and a new Panda scan log please.


----------



## PEP (Mar 1, 2006)

wow i thought this problem was fixed by now..


----------



## illman (Nov 23, 2006)

Hi. Here's the new Hijack this results:

Logfile of HijackThis v1.99.1
Scan saved at 7:51:20 PM, on 2/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\AOL\1141882642\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\DOCUME~1\ANANDA~1.GEN\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\ViewBarBHO.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar7.dll (file missing)
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar7.dll (file missing)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\IEViewBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1141882642\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Tanima\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/tgctlcm.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab50997.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab50997.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


----------



## Cookiegal (Aug 27, 2003)

Please run a new Panda scan as requested.


----------



## illman (Nov 23, 2006)

Sorry, but I tried the panda scan but it's not working. It keeps saying "try again" after it loads. What do you think I should do?


----------



## Cookiegal (Aug 27, 2003)

Download *WinPFind.exe* to your desktop and double click on it open it and then select extract to extract the files. This will create a folder named *WinPFind* on your desktop.

*Start in Safe Mode Using the F8 method:*


Restart the computer.
As soon as the BIOS is loaded begin tapping the *F8* key until the boot menu appears.
Use the arrow keys to select the *Safe Mode* menu item.
Press the *Enter* key.

Double click on the WinPFind folder on your desktop to open it and then double click on the *WinPFind.exe* file to start the program.


Click Configure scan options
Under Run AdOns select the following:
Policies.def
Security.def

Click apply
Click "*Start Scan*"
*It will scan the entire System, so please be patient and let it complete.*

When the scan is complete reboot normally and post the *WinPFind.txt* file (located in the WinPFind folder) back here along with a new HijackThis log.


----------



## illman (Nov 23, 2006)

Ok thanks a lot. I'll try that.


----------



## Cookiegal (Aug 27, 2003)

I understand the program has completely changed so once you've extracted the files, just click on Run Scan (don't change anything).


----------



## illman (Nov 23, 2006)

I tried the scan in safe mode, but in the middle it just froze. What do you think I should do?


----------



## Cookiegal (Aug 27, 2003)

Let's try a different one instead.

Download *ComboFix* to your Desktop.

Reboot to Safe mode:

Restart your computer and begin tapping the F8 key on your keyboard just before Windows starts to load. If done properly a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter.

Perform the following actions in *Safe Mode*.

Double click *combofix.exe * and follow the prompts.
When finished, it will produce a log for you. Post that log and a new *HijackThis* log in your next reply
*Note: Do not mouseclick combofix's window while it's running as that may cause it to stall*


----------



## illman (Nov 23, 2006)

Ok thanks a lot. I hope THIS ONE works for me.


----------



## Cookiegal (Aug 27, 2003)

How's it going here? If you haven't already run CombFix, please *do NOT run it*. Let me know please.


----------



## illman (Nov 23, 2006)

I haven't run it yet because I have been away from my computer for a week. why?


----------



## Cookiegal (Aug 27, 2003)

A new rootkit has been found that interferes with the way ComboFix works and running it could cause damage to your system so the tool has been pulled for the time being.


----------



## Cookiegal (Aug 27, 2003)

Download GMER from: http://majorgeeks.com/download.php?det=5198

Save it somewhere on your hard drive and unzip it to desktop.

Double click the gmer.exe to run it and select the rootkit tab, press scan and when it has finished press save and copy the log back here please.


----------



## illman (Nov 23, 2006)

the gmer scan does not work. It says that I could copy but I can not scan... what should I do now?


----------



## Cookiegal (Aug 27, 2003)

Are you sure you unzipped it to your desktop?


----------



## illman (Nov 23, 2006)

I did but it still didn't work.


----------



## Cookiegal (Aug 27, 2003)

Try this one:

Download RootkitRevealer from *here* (link is at the very bottom of the page).
Unzip it to your desktop.
Open the RootkitRevealer folder and double-click *rootkitrevealer.exe*
Click the *Scan* button (bottom right)
It may take a while to scan (don't do anything while it's running)
When it's done, go up to *File - Save*. Choose to save it to your desktop.
Open *RootkitRevealer.txt* on your desktop and copy the entire contents and paste them here.


----------



## illman (Nov 23, 2006)

Ok thanks. Hopefully this one will give me no problems.


----------



## Cookiegal (Aug 27, 2003)

Let's hope not.


----------



## illman (Nov 23, 2006)

RootkitRevealer was unable to scan. What should I do NOW?


----------



## Cookiegal (Aug 27, 2003)

*Click here* to download FindAWF.exe and save it to your desktop.
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
Press any key and the FindAWF tool will begin scanning your computer for the infected AWF files and the backups the trojan created.
It may take a few minutes to complete so be patient.
When it is complete, it will open a text file in notepad called AWF.txt which will automatically be saved to your desktop or whatever location you ran the file from.
Come back here to this thread and copy and paste the contents of the AWF.txt file in your next reply.


----------



## illman (Nov 23, 2006)

Ok thanks a lot. I 'll try this one.


----------



## illman (Nov 23, 2006)

Here are the results: 


Find AWF report by noahdfear ©2006


21504 byte files found
~~~~~~~~~~~~~



21504 byte files sorted with strings
~~~~~~~~~~~~~~~~~~~~~



25600 byte files found
~~~~~~~~~~~~~



25600 byte files sorted with strings
~~~~~~~~~~~~~~~~~~~~~



26450 byte files found
~~~~~~~~~~~~~



26450 byte files sorted with strings
~~~~~~~~~~~~~~~~~~~~~



bak folders found
~~~~~~~~~~~



Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~



end of report


----------



## Cookiegal (Aug 27, 2003)

Download ComboScan by Deckard from *Here* and save it to your Desktop. 

Double click *comboScan.exe * and follow the prompts.
When finished, it will produce a log for you. 
Post the contents of that log in your next reply.
Using Windows Explorer (to get there right-click your Start button and go to "Explore"), navigate to the *C:\ComboScan *folder. You will find two logs in the folder, *ComboScan.txt *and *Supplementary.txt*.
Open the *Supplementary.txt* log in Notepad
Also Copy and Paste its contents in a reply.


----------



## illman (Nov 23, 2006)

ok thanks again.


----------



## Cookiegal (Aug 27, 2003)

:up:


----------



## illman (Nov 23, 2006)

ComboScan v20070226.18 run by HP_Administrator on 2007-02-28 at 19:57:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis (run as HP_Administrator.exe) -------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 7:59:36 PM, on 2/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\AOL\1141882642\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\RTHDCPL.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Documents and Settings\Ananda.GENIUS\Desktop\comboscan.exe
C:\DOCUME~1\Ananda\Desktop\HP_Administrator.exe
C:\Program Files\Messenger\msmsgs.exe


----------



## illman (Nov 23, 2006)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dslstart.verizon.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=...q/jsijF1iQoSVWpQVZAR5uPBnPTiGPg6RhRgRkhJde0Zq
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\ViewBarBHO.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar7.dll (file missing)
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar7.dll (file missing)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\IEViewBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1141882642\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [ViewpointPhotosDeviceConnect] C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\FotomatDeviceConnect.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe -a
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Tanima\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*


----------



## illman (Nov 23, 2006)

O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/tgctlcm.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab50997.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab50997.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CFF - Unknown owner - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\CFF.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: ETLXZTXQVUTNWLQA - Unknown owner - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\ETLXZTXQVUTNWLQA.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JXLQTRKFIXU - Unknown owner - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\JXLQTRKFIXU.exe (file missing)
O23 - Service: KFTWSYKY - Unknown owner - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\KFTWSYKY.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


----------



## illman (Nov 23, 2006)

-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

3R AgereSoftModem (Agere Systems Soft Modem) - C:\WINDOWS\system32\drivers\AGRSM.sys
3R aracpi - C:\WINDOWS\system32\drivers\aracpi.sys
3S arhidfltr (MS Ar HID Filter Driver) - C:\WINDOWS\system32\drivers\arhidfltr.sys
3R arkbcfltr (Microsoft PS2 Keyboard Filter) - C:\WINDOWS\system32\drivers\arkbcfltr.sys
3R armoucfltr (Microsoft PS2 Mouse Filter) - C:\WINDOWS\system32\drivers\armoucfltr.sys
3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys
3R ARPolicy - C:\WINDOWS\system32\drivers\arpolicy.sys
3R ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
1R AVG Anti-Spyware Driver - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
1R AvgAsCln (AVG Anti-Spyware Clean Driver) - C:\WINDOWS\system32\drivers\AvgAsCln.sys
0R bb-run (Promise driver accelerator) - C:\WINDOWS\system32\drivers\bb-run.sys
2R CSS DVP - C:\WINDOWS\system32\drivers\css-dvp.sys
1R eeCtrl (Symantec Eraser Control driver) - C:\Program Files\Common Files\Symantec Shared\eengine\eectrl.sys
3R EraserUtilRebootDrv - C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys
0R ftsata2 - C:\WINDOWS\system32\drivers\ftsata2.sys
3R GEARAspiWDM - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
3S hamachi_oem (PlayLinc Adapter) - C:\WINDOWS\system32\drivers\gan_adapter.sys
3R HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - C:\WINDOWS\system32\drivers\Hdaudbus.sys
3S HidUsb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys
3S HPZid412 (IEEE-1284.4 Driver HPZid412) - C:\WINDOWS\system32\drivers\HPZid412.sys
3S HPZipr12 (Print Class Driver for IEEE-1284.4 HPZipr12) - C:\WINDOWS\system32\drivers\HPZipr12.sys
3S HPZius12 (USB to IEEE-1284.4 Translation Driver HPZius12) - C:\WINDOWS\system32\drivers\HPZius12.sys
0R iaStor (Intel RAID Controller) - C:\WINDOWS\system32\drivers\iaStor.sys
3R IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - C:\WINDOWS\system32\drivers\RtkHDAud.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys
3S MHNDRV (MHN driver) - C:\WINDOWS\system32\drivers\mhndrv.sys
3S mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys
3S MREMPR5 (MREMPR5 NDIS Protocol Driver) - C:\Program Files\Common Files\Motive\MREMPR5.sys
3S MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - C:\Program Files\Common Files\Motive\MRENDIS5.sys
3R NAVENG - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070228.017\NAVENG.SYS
3R NAVEX15 - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070228.017\NAVEX15.SYS
3R NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys
0R ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
3R Ps2 - C:\WINDOWS\system32\drivers\PS2.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\pxhelp20.sys
3R RTL8023xp (Realtek 10/100/1000 NIC Family all in one NDIS XP Driver) - C:\WINDOWS\system32\drivers\Rtlnicxp.sys
3S rtl8139 (Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver) - C:\WINDOWS\system32\drivers\RTL8139.sys
3R SAVRT - C:\Program Files\Norton AntiVirus\savrt.sys
1R SAVRTPEL - C:\Program Files\Norton AntiVirus\Savrtpel.sys
1R SPBBCDrv - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
3R SYMDNS - C:\WINDOWS\system32\drivers\symdns.sys
3R SymEvent - C:\Program Files\Symantec\SYMEVENT.SYS
3R SYMFW - C:\WINDOWS\system32\drivers\symfw.sys
3R SYMIDS - C:\WINDOWS\system32\drivers\symids.sys
3R SYMIDSCO - C:\Program Files\Common Files\Symantec Shared\SymcData\ids-diskless\20070221.002\SymIDSCo.sys
2R symlcbrd - C:\WINDOWS\system32\drivers\symlcbrd.sys
3R SYMNDIS - C:\WINDOWS\system32\drivers\symndis.sys
3R SYMREDRV - C:\WINDOWS\system32\drivers\symredrv.sys
1R SYMTDI - C:\WINDOWS\system32\drivers\symtdi.sys
3S usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbohci (Microsoft USB Open Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbohci.sys
3S usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\system32\drivers\usbprint.sys
3S usbscan (USB Scanner Driver) - C:\WINDOWS\system32\drivers\usbscan.sys
3R usbstor (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\usbstor.sys
1R WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - C:\WINDOWS\system32\drivers\ws2ifsl.sys
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys


----------



## illman (Nov 23, 2006)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

2R ARSVC - C:\WINDOWS\arservice.exe
3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
2R Ati HotKey Poller - C:\WINDOWS\system32\Ati2evxx.exe
2S ATI Smart - C:\WINDOWS\system32\ati2sgag.exe
2R AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
2R ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
2R ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
3S CFF - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\CFF.exe
2R dvpapi - "C:\Program Files\Common Files\Command Software\dvpapi.exe"
2R ehRecvr (Media Center Receiver Service) - C:\WINDOWS\eHome\ehRecvr.exe
2R ehSched (Media Center Scheduler Service) - C:\WINDOWS\eHome\ehSched.exe
3S ETLXZTXQVUTNWLQA - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\ETLXZTXQVUTNWLQA.exe
3S Fax - C:\WINDOWS\system32\fxssvc.exe
3S IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
3R iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
3S JXLQTRKFIXU - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\JXLQTRKFIXU.exe
3S KFTWSYKY - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\KFTWSYKY.exe
2R LightScribeService (LightScribeService Direct Disc Labeling Service) - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
2R McrdSvc (Media Center Extender Service) - C:\WINDOWS\ehome\mcrdsvc.exe
3S MHN - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R navapsvc (Norton AntiVirus Auto-Protect Service) - "C:\Program Files\Norton AntiVirus\navapsvc.exe"
2R NPFMntor (Norton AntiVirus Firewall Monitor Service) - "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"
3R NSCService (Norton Protection Center Service) - "C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
0S Pml Driver HPZ12 - \SystemRoot\C:\WINDOWS\system32\HPZipm12.exe
3S SAVScan (Symantec AVScan) - "C:\Program Files\Norton AntiVirus\SAVScan.exe"
2R SNDSrvc (Symantec Network Drivers Service) - "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
2R SPBBCSvc - "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
2R Symantec Core LC - "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
3S usprserv (User Privilege Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Viewpoint Manager Service - "C:\Program Files\Viewpoint\Common\ViewpointService.exe"

-- Scheduled Tasks --------------------------------------------------------------

2007-02-28 18:50:52 386 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job<SYMANT~1.JOB>
2007-02-23 20:00:00 532 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Tanima.job<NORTON~1.JOB>
2007-02-18 22:47:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>
2007-02-01 03:00:00 394 --a------ C:\WINDOWS\Tasks\RegCure.job

-- Files created between 2007-01-28 and 2007-02-28 ------------------------------

2007-02-21 15:39:14 0 d-------- C:\Documents and Settings\Ananda.GENIUS\System
2007-02-21 15:39:14 0 d-------- C:\Documents and Settings\Ananda.GENIUS\Application Data\SmartDraw<SMARTD~1>
2007-02-19 18:48:19 80 --a------ C:\WINDOWS\gmer_uninstall.cmd<GMER_U~1.CMD>
2007-02-18 12:10:15 0 d-------- C:\Documents and Settings\Ananda.GENIUS\Application Data\MSNInstaller<MSNINS~1>
2007-02-18 12:10:14 0 d-------- C:\Documents and Settings\Ananda.GENIUS\Application Data\MSN6
2007-02-18 00:55:50 0 d-------- C:\WINDOWS\ie7updates<IE7UPD~1>
2007-02-14 20:14:22 0 d-------- C:\WINDOWS\WBEM
2007-02-14 20:14:21 0 d-------- C:\WINDOWS\system32\en-US
2007-02-14 20:12:47 0 d--h---c- C:\WINDOWS\ie7
2007-02-14 20:11:05 121856 -----n--- C:\WINDOWS\system32\xmllite.dll
2007-02-14 20:10:28 0 d-------- C:\WINDOWS\network diagnostic<NETWOR~1>
2007-02-14 17:50:10 0 d-------- C:\Documents and Settings\Ananda.GENIUS\Application Data\Viewpoint<VIEWPO~1>
2007-02-11 19:35:58 21456 --a------ C:\WINDOWS\system32\drivers\SilvrLnk.sys
2007-02-11 19:35:33 0 d-------- C:\Program Files\Common Files\TI Shared<TISHAR~1>
2007-02-11 19:35:32 0 d-------- C:\Program Files\TI Education<TIEDUC~1>
2007-02-11 19:34:02 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-02-09 02:53:42 0 d-------- C:\Documents and Settings\Shah Alam\Application Data\HPQ
2007-02-04 21:16:40 12160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2007-02-04 21:16:34 9600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2007-02-04 11:12:54 0 d-------- C:\Documents and Settings\Ananda.GENIUS\Application Data\Sun
2007-01-30 15:48:13 0 d-------- C:\Program Files\GameTop.com
2007-01-29 03:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe


----------



## illman (Nov 23, 2006)

-- Find3M Report ----------------------------------------------------------------

2007-02-28 18:40:43 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\MSN6
2007-02-28 18:22:37 0 d-------- C:\Program Files\Plaxo
2007-02-28 07:39:02 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-27 07:24:02 0 d-------- C:\Program Files\Java
2007-02-23 10:50:41 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-02-10 15:29:16 0 d-------- C:\Program Files\WildTangent<WILDTA~1>
2007-01-28 15:52:31 0 d-------- C:\Program Files\Common Files\Adobe
2007-01-28 15:47:47 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\AdobeUM
2007-01-22 17:55:47 0 d-------- C:\Program Files\EA GAMES<EAGAME~1>
2007-01-22 17:55:46 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-01-18 22:03:44 0 d-------- C:\Program Files\Common Files\Motive
2007-01-18 18:13:23 0 d-------- C:\Program Files\SupportSoft<SUPPOR~1>
2007-01-18 18:13:10 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\MSNInstaller<MSNINS~1>
2007-01-18 18:05:54 0 d-------- C:\Program Files\Verizon
2007-01-18 18:02:18 0 d-------- C:\Program Files\PlayLinc
2007-01-15 21:12:31 0 d-------- C:\Program Files\Real Pool<REALPO~1>
2007-01-15 18:48:45 0 d-------- C:\Program Files\Common Files\DriveCleaner 2006 Free<DRIVEC~1>
2007-01-12 19:30:53 0 d-------- C:\Program Files\Viewpoint<VIEWPO~1>
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 -----n--- C:\WINDOWS\system32\ieframe.dll
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2007-01-07 20:57:32 0 d---s---- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft<MICROS~1>
2007-01-04 18:23:26 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\Google
2007-01-04 18:22:51 0 d-------- C:\Program Files\Google
2007-01-04 15:54:09 0 d-------- C:\Program Files\GameHouse<GAMEHO~1>
2007-01-04 14:36:03 0 d-------- C:\Program Files\Circulate<CIRCUL~1>
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 13:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-12-18 02:18:39 225280 --a------ C:\PlayerHost.dll<PLAYER~1.DLL>
2006-12-17 11:06:31 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2006-12-09 19:02:48 88433 --a------ C:\WINDOWS\hpoins06.dat


----------



## illman (Nov 23, 2006)

-- Registry Dump ----------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"PlaxoUpdate"="C:\\Program Files\\Plaxo\\2.12.1.1\\PlaxoHelper.exe -a"
"Aim6"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"AlwaysReady Power Message APP"="ARPWRMSG.EXE"
"DISCover"="C:\\Program Files\\DISC\\DISCover.exe"
"DiscUpdateManager"="C:\\Program Files\\DISC\\DiscUpdateMgr.exe"
@=""
"PCDrProfiler"=""
"HPBootOp"="\"C:\\Program Files\\Hewlett-Packard\\HP Boot Optimizer\\HPBootOp.exe\" /run"
"HP Software Update"=hex(2):43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,\
48,50,5c,48,50,20,53,6f,66,74,77,61,72,65,20,55,70,64,61,74,65,5c,48,50,77,\
75,53,63,68,64,32,2e,65,78,65,00
"Motive SmartBridge"="C:\\PROGRA~1\\Verizon\\SMARTB~1\\MotiveSB.exe"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1141882642\\ee\\AOLSoftware.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"A Verizon App"="C:\\PROGRA~1\\VERIZO~1\\HELPSU~1\\VERIZO~1.EXE"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"VerizonServicepoint.exe"="C:\\Program Files\\Verizon\\Servicepoint\\VerizonServicepoint.exe"
"ViewpointPhotosDeviceConnect"="C:\\Program Files\\Common Files\\Viewpoint\\Toolbar Runtime\\3.7.0\\FotomatDeviceConnect.exe"
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"SDR6_Check"="\"C:\\Program Files\\Common Files\\DriveCleaner 2006 Free\\udcsdr.exe\""
"PAS_Check"="\"C:\\Program Files\\Common Files\\DriveCleaner 2006 Free\\udcpas.exe\""
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"AGEIA PhysX SysTray"="C:\\Program Files\\AGEIA Technologies\\TrayIcon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"appinit_dlls"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000
"AllowLegacyWebView"=dword:00000001
"AllowUnhashedWebView"=dword:00000001

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter	REG_MULTI_SZ HTTPFilter\0\0
LocalService	REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService	REG_MULTI_SZ DnsCache\0\0
DcomLaunch	REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss	REG_MULTI_SZ RpcSs\0\0
imgsvc	REG_MULTI_SZ StiSvc\0\0
termsvcs	REG_MULTI_SZ TermService\0\0
WudfServiceGroup	REG_MULTI_SZ WUDFSvc\0\0

-- End of ComboScan: finished at 2007-02-28 at 20:00:14 -------------------------


----------



## illman (Nov 23, 2006)

ComboScan v20070226.18 run by HP_Administrator on 2007-02-28 at 19:57:15
Supplementary logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information -----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.93GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 2.93GHz
Percentage of Memory in Use: 67%
Physical Memory (total/avail): 959.36 MiB / 308.67 MiB
Pagefile Memory (total/avail): 2313.07 MiB / 1506.87 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1972.53 MiB

C: is Fixed (NTFS) - 140.53 GiB total, 98.66 GiB free. 
D: is Fixed (FAT32) - 8.5 GiB total, 1.13 GiB free. 
E: is CDROM (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)

-- Security Center --------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

FW: Norton Internet Worm Protection v2006 (Symantec)
AV: Norton AntiVirus 2006 v2005 (Symantec Corporation)

-- Environment Variables --------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\HP_Administrator\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=GENIUS
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\HP_Administrator
LOGONSERVER=\\GENIUS
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\PROGRA~1\COMMON~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0409
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
USERDOMAIN=GENIUS
USERNAME=HP_Administrator
USERPROFILE=C:\Documents and Settings\HP_Administrator
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

-- User Profiles ----------------------------------------------------------------

HP_Administrator _(admin)_
Ananda
Shah Alam
Ananda.GENIUS
Salma
Administrator _(admin)_

-- Add/Remove Programs ----------------------------------------------------------

--> C:\PROGRA~1\VERIZO~1\HELPSU~1\Uninstall.exe Verizon
--> C:\PROGRA~1\VERIZO~1\Uninstall.exe Verizon
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\Motive\Verizon\MCCUninst.exe
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00BF-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00C6-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00D1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF03D9-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Billiards 1.36 --> "C:\Program Files\3D Billiards\unins000.exe"
3D Groove Playback Engine --> RunDll32 C:\WINDOWS\DOWNLO~1\GrooveAX.dll,[email protected]
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AGEIA PhysX v2.3.3 --> "C:\Program Files\AGEIA Technologies\uninstall.exe"
Agere Systems PCI-SV92PP Soft Modem --> agrsmdel
AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
Arcade Lines 1.77 --> "C:\Program Files\Arcade Lines\unins000.exe"
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" 
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,[email protected] -force_restart -flags:0x2010001 -inf_classISPLAY -clean
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Battlefield 2(TM) Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}\setup.exe" -l0x9 -removeonly
Battlefield 2142 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}\setup.exe" -l0x9 -removeonly
Big Money Deluxe 1.22 --> C:\Program Files\PopCap Games\Big Money Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Big Money Deluxe\Install.log"
BookWorm Deluxe 1.03 --> C:\Program Files\PopCap Games\BookWorm Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\BookWorm Deluxe\Install.log"
Bounce Out Blitz --> C:\PROGRA~1\GAMEHO~1\BOUNCE~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\BOUNCE~1\INSTALL.LOG
Bound Around (Demo) --> "C:\Program Files\BoundAround_Demo\unins000.exe"
BrickShooter --> C:\Program Files\BrickShooter\UnGins.exe "C:\Program Files\BrickShooter\install.log"
Cake Mania --> "C:\Program Files\MSN Games\Cake Mania\Uninstall.exe" "C:\Program Files\MSN Games\Cake Mania\install.log"
Cake Mania (remove only) --> "C:\Program Files\Yahoo! Games\Cake Mania\Uninstall.exe"
Candy Cruncher --> C:\PROGRA~1\GAMEHO~1\Candy\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Candy\INSTALL.LOG
Caramba Deluxe --> C:\PROGRA~1\GAMEHO~1\CARAMB~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\CARAMB~1\INSTALL.LOG
Caribbean Mah Jong --> C:\PROGRA~1\GAMEHO~1\CARIBB~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\CARIBB~1\INSTALL.LOG
ccCommon --> MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
Chainz --> C:\PROGRA~1\GAMEHO~1\Chainz\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Chainz\INSTALL.LOG
Circulate 1.07 --> "C:\Program Files\Circulate\unins000.exe"
Coffee House Chaos (remove only) --> "C:\Program Files\Valusoft\Coffee House Chaos\Uninstall.exe"
Collapse! Crunch --> C:\PROGRA~1\GAMEHO~1\COLLAP~2\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\COLLAP~2\INSTALL.LOG
Crystalix --> c:\Program Files\Alawar\Crystalix\uninstal.exe
Cubis Gold --> C:\PROGRA~1\FRESHG~1\CUBISG~1\UNWISE.EXE C:\PROGRA~1\FRESHG~1\CUBISG~1\INSTALL.LOG
Cubozoid --> "C:\Program Files\Cubozoid\ReflexiveArcade\unins000.exe"
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033 
DDD Pool 1.2 --> C:\Program Files\Paprikari\DDD Pool\uninst.exe
Diamond Puzzle 1.0 --> "C:\Program Files\Diamond Puzzle\unins000.exe"
Diner Dash 2 --> "C:\Program Files\Diner Dash 2\unins000.exe"
DISCover --> "C:\Program Files\DISC\uninstall.exe"
DX-Ball 1.09 --> C:\PROGRA~1\DX-Ball\UNWISE.EXE C:\PROGRA~1\DX-Ball\INSTALL.LOG
Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033 
ebgcInfra --> MsiExec.exe /X{82ACA6FB-E81B-4C01-8D8F-B15ACD663E34}
ebgcRes --> MsiExec.exe /X{036EFE4B-F5D7-4CFD-A7FD-77D454EC9527}
ebgcRes --> MsiExec.exe /X{FA5A04AB-523F-4412-A284-A7F2FFD0711C}
ebgcSDK --> MsiExec.exe /X{4D60D0AC-E1E5-44A4-8C3F-516112AEC53F}
Fruits --> "C:\Program Files\Fruits\unins000.exe"
Funny Creatures v.2.13 --> C:\Program Files\Funny Creatures\uninst.exe
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
GemMaster Mystic --> "C:\Program Files\GemMaster\uninstallgemmaster.exe"
Ghost Recon Advanced Warfighter Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED48E5CA-34D8-4339-8276-5E95C261A94A}\setup.exe" -l0x9 
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar7.dll"
Google Video Player --> "C:\Program Files\Google\Google Video Player\Uninstall.exe"
Gutterball --> C:\WINDOWS\unvise32.exe C:\Skunk Studios\Gutterball\uninstal.log
Gutterball 2 --> C:\PROGRA~1\YAHOO!~1\GUTTER~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!~1\GUTTER~1\INSTALL.LOG
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HP Boot Optimizer --> C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
HP Deskjet Printer Preload --> MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP DigitalMedia Archive --> MsiExec.exe /I{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Document Viewer 5.3 --> C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Image Zone 5.3 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone for Media Center PC --> c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Imaging Device Functions 5.3 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Cameras 5.0 --> C:\Program Files\HP\Digital Imaging\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP PSC & OfficeJet 5.3.A --> "C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
HP PSC & OfficeJet 5.3.B --> "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Software Update --> MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
HP Solution Center & Imaging Support Tools 5.3 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Internet Worm Protection --> MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Jarte --> "C:\Program Files\Jarte\unins000.exe"
Jewel Quest --> "C:\Program Files\Jewel Quest\unins000.exe"
Legend of Aladdin --> C:\PROGRA~1\GAMEHO~1\LEGEND~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\LEGEND~1\INSTALL.LOG
LimeWire 4.12.6 --> "C:\Program Files\LimeWire\uninstall.exe"
LiveUpdate 2.7 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia Flash Player 8 --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Magic Ball 2 --> C:\Program Files\Alawar\Magic Ball 2\uninstal.exe
MapleStory --> MsiExec.exe /I{F99C5427-4D78-43E2-B97E-F4C4E622D612}
MathPlayer --> C:\Program Files\Design Science\MathPlayer\Setup.exe -u
Microsoft Away Mode --> 
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Halo Trial --> "C:\Program Files\Microsoft Games\Halo Trial\UNINSTAL.EXE" /runtemp /addremove
Microsoft Money 2005 --> C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour --> MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708}
Microsoft Office Outlook Connector --> MsiExec.exe /I{8C25E29E-FC5D-44CD-A58C-5746AF303CF2}
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Web Components --> MsiExec.exe /I{90260409-6000-11D3-8CFE-0150048383C9}
Microsoft Picture It! Express 9 --> C:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0900}
Microsoft Picture It! Library 9 --> C:\WINDOWS\system32\msiexec.exe /i {9F7FC79B-3059-4264-9450-39EB368E3220}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mini Golf Championship (remove only) --> "C:\Program Files\Merscom\Mini Golf Championship\Uninstall.exe"
Mini Golf Gold Free Trial --> C:\PROGRA~1\MINIGO~1\UNWISE.EXE C:\PROGRA~1\MINIGO~1\INSTALL.LOG
Mini Golf Pro --> "C:\Program Files\Mini Golf Pro\ReflexiveArcade\unins000.exe"
Mozilla Firefox (2.0.0.2) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msniadm.exe /Action:ARP
MSN Encarta Plus Support Files --> MsiExec.exe /I{00000000-785F-478A-BAA2-87F1A136068C}
MSN Messenger 7.5 --> MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
muvee autoProducer 4.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7137AFD-4E43-47A6-BDC7-533808F72B36}\setup.exe" -l0x9 
muvee autoProducer unPlugged 1.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFB0FED6-0010-4E9B-A402-E513F2459161}\setup.exe" -l0x9 
Mystery Case Files - Prime Suspects (remove only) --> C:\Program Files\Mystery Case Files - Prime Suspects\Uninstall.exe
Mystery Case Files: Huntsville --> C:\PROGRA~1\GAMEHO~1\MYSTER~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\MYSTER~1\INSTALL.LOG
NAVShortcut --> MsiExec.exe /I{F325CF11-27CE-4872-8022-6E9EB27DF24F}
Netscape Browser (remove only) --> "C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
Norton AntiVirus 2006 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus 2006 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe" /X
Norton AntiVirus Help --> MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
Norton AntiVirus Parent MSI --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton AntiVirus SYMLT MSI --> MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
Norton Protection Center --> MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe"
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Plaxo Toolbar for Outlook and Outlook Express --> C:\Program Files\Plaxo\2.12.1.1\uninstall.exe
PlayLinc --> MsiExec.exe /I{9CCE527D-356F-41A8-9718-77A68AC065FB}
Poker Pop --> C:\PROGRA~1\PLAYFI~1\POKERP~1\UNWISE.EXE C:\PROGRA~1\PLAYFI~1\POKERP~1\INSTALL.LOG
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Puzzle Express --> C:\PROGRA~1\GAMEHO~1\PUZZLE~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\PUZZLE~1\INSTALL.LOG
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QBz --> C:\PROGRA~1\GAMEHO~1\QBz\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\QBz\INSTALL.LOG
Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
Real Bowling --> "C:\Program Files\Real Bowling\unins000.exe"
Real Pool --> "C:\Program Files\GameTop.com\Real Pool\unins000.exe"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r
RegCure 1.0.0.43 --> C:\Program Files\RegCure\uninst.exe
RelevantKnowledge --> C:\windows\system32\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
Remove IntelliMover Demo --> c:\hp\bin\cloaker.exe c:\hp\bin\commands.exe /c "C:\Program Files\IntelliMoverDemo\clean.bat"
Sandlot Games Client Services --> "C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
SCRABBLE --> C:\PROGRA~1\GAMEHO~1\SCRABBLE\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\SCRABBLE\INSTALL.LOG
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sky Bubbles Deluxe --> C:\Program Files\Alawar\Sky Bubbles Deluxe\uninstal.exe
Snowy Lunch Rush --> "C:\Program Files\Snowy Lunch Rush\unins000.exe"
Snowy. The Bear's Adventures --> C:\Program Files\Alawar\Snowy. The Bear's Adventures\uninstall.exe
Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Splash --> C:\PROGRA~1\GAMEHO~1\Splash\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Splash\INSTALL.LOG
StubbsDemo --> MsiExec.exe /I{2BA4670A-B3DD-45FA-AB4D-F98497F8E831}
Super Bounce Out! --> C:\PROGRA~1\GAMEHO~1\BOUNCE~2\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\BOUNCE~2\INSTALL.LOG
Super Collapse II --> "C:\Program Files\Super Collapse II\ReflexiveArcade\unins000.exe"
Super Collapse! 3 --> C:\PROGRA~1\GAMEHO~1\SUPERC~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\SUPERC~1\INSTALL.LOG
Super Collapse! II --> C:\PROGRA~1\GAMEHO~1\COLLAP~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\COLLAP~1\INSTALL.LOG
Super DX-Ball v1.00 --> "C:\Program Files\Super DX-Ball\unins000.exe"
Super Gem Drop --> C:\PROGRA~1\GAMEHO~1\GemDrop\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\GemDrop\INSTALL.LOG
Super Glinx! from GameHouse --> C:\PROGRA~1\GAMEHO~1\Glinx\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Glinx\INSTALL.LOG
Super PileUp! from GameHouse --> C:\PROGRA~1\GAMEHO~1\PileUp\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\PileUp\INSTALL.LOG
Super Pool --> C:\PROGRA~1\GAMEHO~1\Pool\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Pool\INSTALL.LOG
Super Pop'n'Fish version 1.0.1 --> "C:\Program Files\Ezone\Popnfish\unins000.exe"
Super Pop && Drop! --> C:\PROGRA~1\GAMEHO~1\PopDrop\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\PopDrop\INSTALL.LOG
Super TextTwist --> C:\PROGRA~1\GAMEHO~1\TEXTTW~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\TEXTTW~1\INSTALL.LOG
Symantec --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
The Da Vinci Code (remove only) --> C:\Program Files\The Da Vinci Code\Uninstall.exe
TI Connect 1.6 --> MsiExec.exe /I{A8B94669-8654-4126-BD28-D0D2412CDED6}
Tropical Swaps --> C:\PROGRA~1\GAMEHO~1\TROPIC~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\TROPIC~1\INSTALL.LOG
Twistingo --> C:\PROGRA~1\GAMEHO~1\TWISTI~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\TWISTI~1\INSTALL.LOG
Update Rollup 2 for Windows XP Media Center Edition 2005 --> 
Updates from HP (remove only) --> C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
URGE --> MsiExec.exe /I{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}
Verizon Broadband Toolbar --> C:\Program Files\VZBB Toolbar\Uninstall.exe
Verizon Online --> C:\WINDOWS\system32\VerizonUninstaller.exe
Verizon Online Help & Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF03E6-F17B-11D6-88EA-000476CD2443}\setup.exe" -l0x9 UNINSTALL -removeonly
Verizon Online Help and Support --> C:\PROGRA~1\Verizon\UNWISE.EXE C:\PROGRA~1\Verizon\INSTALL.LOG
Verizon PC Security Checkup --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{40ACEAF4-1EB2-45FC-90C3-6810700C0595} 
Verizon Servicepoint 1.3.21 --> "C:\Program Files\Verizon\Servicepoint\unins001.exe"
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Viewpoint Toolbar --> C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\Uninstaller.exe /u /k /url "http://www.viewpoint.com/pub/uninstallcompleted.html"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"

-- End of ComboScan: finished at 2007-02-28 at 20:00:14 -------------------------


----------



## Cookiegal (Aug 27, 2003)

Go to Control Panel - Add/Remove programs and remove:

*DriveCleaner 2006 Free (this is a rogue program)
J2SE Runtime Environment 5.0 Update 5
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
RelevantKnowledge
Viewpoint Manager 
Viewpoint Media 
Viewpoint Toolbar*

Can you give me a summary of what problems remain please.


----------



## illman (Nov 23, 2006)

I have removed all these problems. There are no more problems to remove.  
What do you think I should do now?


----------



## Cookiegal (Aug 27, 2003)

I asked you to give me a summary of what problems remain please.


----------



## illman (Nov 23, 2006)

What do you mean by "summary of what problems remain"? I don't understand.


----------



## Cookiegal (Aug 27, 2003)

What problems are you having with your computer?


----------



## illman (Nov 23, 2006)

When I click on maplestory, the same runtime error comes up. What should I do now?


----------



## Cookiegal (Aug 27, 2003)

It seems many people are having that problem and no one has been able to come up with a solution that I'm aware of so there's nothing more that I can do, unfortunately.


----------



## illman (Nov 23, 2006)

Ok then there's no problem. Thank you for all the help and actually TRYING to help me. It's not a sad thing but it's still ok.


----------



## Cookiegal (Aug 27, 2003)

You're welcome. 

Now you should turn system restore off to flush out all previous system restore points, then turn it back on and create a new restore point:

To turn off system restore, on the Desktop, right click on *My Computer* and click on *Properties.*
Click the *System Restore* tab.
Check *Turn off System Restore.*
Click Apply and then click OK.

Restart your computer, turn System Restore back on and create a restore point.

To create a new restore point, click on *Start*  *All Programs*  *Accessories*  *System Tools* and then select *System Restore*.

In the System Restore wizard, select *Create a restore point* and click the Next button.

Type a name for your new restore point then click on Create.

I also recommend downloading  *SPYWAREBLASTER* for added protection.

*Read here* for info on how to tighten your security.

*Delete your temporary files:*

In safe mode navigate to the C:\Windows\Temp folder. Open the Temp folder and go to Edit - Select All then Edit - Delete to delete the entire contents of the Temp folder.

Go to Start - Run and type *%temp%* in the Run box. The Temp folder will open. Click *Edit - Select All* then hit *Delete* to delete the entire contents of the Temp folder.

Finally go to Control Panel - Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files". Put a check by "Delete Offline Content" and click OK (this option does not exist in IE7). Click Apply then OK.

*Empty the recycle bin*.


----------



## supersmulexD (Jun 28, 2008)

hhh


----------



## supersmulexD (Jun 28, 2008)

common wtf no one is hella logg in or give me a soloution wtf!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!


----------



## eddie5659 (Mar 19, 2001)

I moved your thread here, and replied, as did another person:

http://forums.techguy.org/games/725998-maplestory-errors.html

Please reply to that thread, and not this one, as this one is over a year old.

eddie


----------

