Jump to content

andybigfoot2

Members
  • Content Count

    26
  • Joined

  • Last visited

About andybigfoot2

  • Rank
    Member
  1. Ok, thanks lol. It simpler than I thought.
  2. Well, thank you. I really appreciate your assistance. It was weird, when IE was running always, I got nervous because it never happened before. Now, my computer is running my better. Thanks again.
  3. Oh ok. Is there a way to use the wire from a tv? Or do I have to have the original source from the modem or where ever it originates.
  4. inst.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\AIMSUD338;Probably BACKDOOR.Trojan;Incurable.Moved.; inst.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4024;Probably BACKDOOR.Trojan;Incurable.Moved.; setup.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131;Probably BACKDOOR.Trojan;Incurable.Moved.; setup.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_2.0.2.2;Probably BACKDOOR.Trojan;Incurable.Moved.; inst.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_2.2.71.1;Probably BACKDOOR.Trojan;Incurable.Moved.; Process.exe;C:\Documents and Settings\Andrew F\Desktop\Security\SmitfraudFix\SmitfraudFix;Tool.Prockill;Incurable.Moved.; restart.exe;C:\Documents and Settings\Andrew F\Desktop\Security\SmitfraudFix\SmitfraudFix;Tool.ShutDown.11;Incurable.Moved.; qdiagd.ocx;C:\Program Files\DellSupport;Probably DLOADER.Trojan;Incurable.Moved.; Process.exe;C:\WINDOWS\system32;Tool.Prockill;Incurable.Moved.;
  5. My friend suggested that if IE is running all the time, then delete it and use firefox, then continue with your instructions. And btw, you have no idea how much I apreciate this.
  6. Logfile of HijackThis v1.99.1 Scan saved at 04:01:15 AM, on 06/22/07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\Windows Media Player\WMPNetwk.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Windows Defender\MSASCui.exe C:\DOCUME~1\ANDREW~1\LOCALS~1\Temp\clclean.0001 C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.break.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1137607460546 O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing) O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing) DrWeb log: inst.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\AIMSUD338;Probably BACKDOOR.Trojan;; inst.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4024;Probably BACKDOOR.Trojan;; setup.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131;Probably BACKDOOR.Trojan;; setup.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_2.0.2.2;Probably BACKDOOR.Trojan;; inst.exe;C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install_2.2.71.1;Probably BACKDOOR.Trojan;; 3 Months Free NetZero.exe;C:\Documents and Settings\All Users\Start Menu;Trojan.Click.1487;Deleted.; Process.exe;C:\Documents and Settings\Andrew F\Desktop\Security\SmitfraudFix\SmitfraudFix;Tool.Prockill;; restart.exe;C:\Documents and Settings\Andrew F\Desktop\Security\SmitfraudFix\SmitfraudFix;Tool.ShutDown.11;; qdiagd.ocx;C:\Program Files\DellSupport;Probably DLOADER.Trojan;; A0431758.exe;C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP839;Trojan.Click.1487;Deleted.; Process.exe;C:\WINDOWS\system32;Tool.Prockill;;
  7. Sorry to double post but I still am trying to figure out wether it is possible to get cable channels wirelessly.
  8. I deleted total video converter. But IExplorer is still always running taking up 3000k to 7000k of memory.
  9. ComboFix 07-06-18.2 - C:\Program Files\Stuff\ComboFix.exe "Andrew F" - 2007-06-20 10:56:00 - Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-20 to 2007-06-20 ))))))))))))))))))))))))))))))) 2007-06-20 00:28 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-06-19 21:00 <DIR> d-------- C:\Program Files\AutoCAD 2008 2007-06-19 21:00 <DIR> d-------- C:\DOCUME~1\ANDREW~1\APPLIC~1\Autodesk 2007-06-19 21:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk 2007-06-19 20:59 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared 2007-06-19 20:59 <DIR> d-------- C:\Program Files\Autodesk 2007-06-19 20:27 <DIR> d-------- C:\Program Files\PowerISO 2007-06-19 15:55 0 --a------ C:\WINDOWS\system32\sfsync02.dll 2007-06-19 15:46 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-19 15:04 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft 2007-06-05 00:23 421,044 --ahs---- C:\WINDOWS\system32\klog.dat 2007-06-05 00:23 22,040 --a------ C:\DOCUME~1\ANDREW~1\APPLIC~1\addon.dat 2007-06-05 00:23 1,248,363 --a------ C:\WINDOWS\system32\svhost.exe 2007-06-04 18:10 78,848 --a------ C:\WINDOWS\system32\drivers\SSHDRV85.sys 2007-06-04 17:42 120,320 --a------ C:\WINDOWS\system32\drivers\SSHDRV65.sys 2007-06-03 23:54 132,429 --a------ C:\WINDOWS\unstall.exe 2007-06-03 01:56 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll 2007-06-03 01:56 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll 2007-06-03 01:56 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll 2007-06-03 01:56 6,144 --a------ C:\WINDOWS\system32\kbd101a.dll 2007-06-03 01:56 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll 2007-06-03 01:56 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll 2007-06-03 01:55 9,216 --a------ C:\WINDOWS\system32\kbdnecAT.dll 2007-06-03 01:55 7,680 --a------ C:\WINDOWS\system32\kbdnecNT.dll 2007-06-03 01:55 7,168 --a------ C:\WINDOWS\system32\kbdnec95.dll 2007-06-03 01:55 7,168 --a------ C:\WINDOWS\system32\kbdibm02.dll 2007-06-03 01:55 7,168 --a------ C:\WINDOWS\system32\f3ahvoas.dll 2007-06-03 01:55 6,656 --a------ C:\WINDOWS\system32\kbdlk41a.dll 2007-06-03 01:55 6,144 --a------ C:\WINDOWS\system32\kbdlk41j.dll 2007-06-03 01:55 6,144 --a------ C:\WINDOWS\system32\kbdax2.dll 2007-06-03 01:55 6,144 --a------ C:\WINDOWS\system32\kbd106n.dll 2007-06-03 01:55 6,144 --a------ C:\WINDOWS\system32\kbd101.dll 2007-05-30 18:05 <DIR> d-------- C:\Program Files\Common Files\Viewpoint 2007-05-30 18:05 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Google 2007-05-28 01:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BetZip (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-20 06:13:14 -------- d-----w C:\Program Files\Common Files\Symantec Shared 2007-06-20 05:38:44 -------- d-----w C:\Program Files\Total Video Converter 2007-06-20 01:25:37 -------- d-----w C:\Program Files\Stuff 2007-06-20 00:54:56 -------- d-----w C:\DOCUME~1\ANDREW~1\APPLIC~1\uTorrent 2007-06-19 23:09:37 -------- d-----w C:\Program Files\MSECACHE 2007-06-19 22:45:54 -------- d-----w C:\Program Files\Viewpoint 2007-06-19 21:31:45 -------- d-----w C:\Program Files\CureROM 2007-06-19 18:35:35 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-06-19 18:35:28 -------- d-----w C:\Program Files\games 2007-06-19 18:26:35 -------- d-----w C:\Program Files\Steam 2007-06-05 05:01:07 -------- d-----w C:\Program Files\Norton AntiVirus 2007-06-02 18:18:34 -------- d-----w C:\Program Files\AIM6 2007-05-28 05:14:09 -------- d-----w C:\Program Files\BetZip 2007-05-17 23:16:45 -------- d-----w C:\DOCUME~1\ANDREW~1\APPLIC~1\WinRAR 2007-05-17 22:31:57 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-06 05:49:21 -------- d--h--r C:\DOCUME~1\ANDREW~1\APPLIC~1\SecuROM 2007-05-05 18:52:40 -------- d-----w C:\Program Files\Common Files\AOL 2007-05-05 15:55:04 -------- d-----w C:\Program Files\Bonjour 2007-05-05 15:43:24 -------- d-----w C:\Program Files\Common Files\Macrovision Shared 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-22 06:39:10 108,544 ------w C:\WINDOWS\system32\pxcpyi64.exe 2007-04-22 06:39:09 20,640 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys 2007-04-22 06:39:09 109,568 ------w C:\WINDOWS\system32\pxinsi64.exe 2007-04-19 17:26:00 888,832 ----a-w C:\WINDOWS\system32\nvmobls.dll 2007-04-19 17:26:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-04-19 17:26:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-04-19 17:26:00 794,624 ----a-w C:\WINDOWS\system32\nvcplui.exe 2007-04-19 17:26:00 7,700,480 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-04-19 17:26:00 581,632 ----a-w C:\WINDOWS\system32\nvhwvid.dll 2007-04-19 17:26:00 5,644,288 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-04-19 17:26:00 5,619,712 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-04-19 17:26:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-04-19 17:26:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-04-19 17:26:00 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-04-19 17:26:00 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-04-19 17:26:00 4,543,616 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-04-19 17:26:00 35,840 ----a-w C:\WINDOWS\system32\nvcodins.dll 2007-04-19 17:26:00 35,840 ----a-w C:\WINDOWS\system32\nvcod.dll 2007-04-19 17:26:00 311,296 ----a-w C:\WINDOWS\system32\nvexpbar.dll 2007-04-19 17:26:00 3,035,136 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-04-19 17:26:00 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll 2007-04-19 17:26:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll 2007-04-19 17:26:00 212,992 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-04-19 17:26:00 2,924,544 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-04-19 17:26:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll 2007-04-19 17:26:00 159,810 ----a-w C:\WINDOWS\system32\nvsvc32.exe 2007-04-19 17:26:00 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe 2007-04-19 17:26:00 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll 2007-04-19 17:26:00 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe 2007-04-19 17:26:00 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll 2007-04-19 17:26:00 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe 2007-04-19 17:26:00 1,236,992 ----a-w C:\WINDOWS\system32\nvwss.dll 2007-04-19 17:26:00 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll 2007-04-19 17:26:00 1,011,712 ----a-w C:\WINDOWS\system32\nvcpluir.dll 2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-17 02:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-17 02:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-17 02:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-17 02:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-17 02:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-17 02:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-17 02:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-17 02:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-17 02:29:41 48,776 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL 2007-04-13 17:31:03 103,984 ----a-w C:\WINDOWS\system32\AOLDial.dll 2007-04-01 03:17:19 98,304 ----a-w C:\WINDOWS\system32CmdLineExt.dll 2007-03-28 22:51:54 538,256 ----a-w C:\WINDOWS\system32\SymNeti.dll 2007-03-28 22:51:52 161,424 ----a-w C:\WINDOWS\system32\SymRedir.dll 2007-03-25 19:34:16 200 ----a-w C:\WINDOWS\AUDC70UI.dat 2007-03-22 00:54:16 77,312 ----a-w C:\WINDOWS\system32\TWAIN_32.DLL 2007-03-22 00:54:16 69,632 ----a-w C:\WINDOWS\system32\TWUNK_32.EXE 2007-03-22 00:54:16 48,560 ----a-w C:\WINDOWS\system32\TWUNK_16.EXE 2007-01-18 04:58:43 56 --sh--r C:\WINDOWS\system32\0C9A8A2A4D.sys 2005-06-22 06:37:42 45,568 --sha-r C:\WINDOWS\system32\cygz.dll 2007-01-18 04:58:43 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 21:12] {53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 02:04] {5CA3D70E-1895-11CF-8E15-001234567890}=C:\WINDOWS\system32\dla\tfswshx.dll [2005-05-31 06:33] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {A8F38D8D-E480-4D52-B7A2-731BB6995FDD}=C:\Program Files\Norton AntiVirus\NavShExt.dll [2006-02-05 01:03] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar5.dll [2007-01-20 00:55] {CA6319C0-31B7-401E-A518-A07C3DB8F777}=c:\Program Files\GoogleAFE\GoogleAE.dll [2005-12-08 16:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 09:56] "IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 22:12] "CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-09-15 11:47] "MBMon"="CTMBHA.DLL" [2005-05-19 10:54 C:\WINDOWS\system32\CTMBHA.DLL] "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 12:44] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 12:44] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 07:00] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRecentDocsHistory"=0 (0x0) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 08:29] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk] backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk] backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk] backup=C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe /bt [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] C:\WINDOWS\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] C:\Program Files\Common Files\AOL\1137713107\ee\AOLSoftware.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPHSend] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iRiver AutoDB] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iRiver Updater] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\loaddr] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvVideoCenter] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RapidCheck] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI] MIDIDef.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\shell] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp] stsystra.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "iPod Service"=3 (0x3) "AOL ACS"=2 (0x2) "AdobeActiveFileMonitor5.0"=2 (0x2) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}] AutoRun\command- E:\setup.exe *Newly Created Service* - GTNDIS5 Contents of the 'Scheduled Tasks' folder 2007-06-20 05:52:22 C:\WINDOWS\tasks\MP Scheduled Scan.job 2007-06-09 15:18:08 C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Andrew F.job ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-20 11:01:34 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************** Completion time: 2007-06-20 11:03:06 C:\ComboFix-quarantined-files.txt ... 2007-06-20 11:02 C:\ComboFix2.txt ... 2007-06-19 16:08 --- E O F --- Logfile of HijackThis v1.99.1 Scan saved at 10:53:54 AM, on 06/20/07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\Windows Media Player\WMPNetwk.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\alg.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.break.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1137607460546 O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing) O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)
  10. I did another scan in normal boot mode and this came up. --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 09:04:03 AM 06/20/07 + Scan result: C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP836\A0427566.exe -> Backdoor.Bifrose.aas : Cleaned. C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP836\A0427567.exe -> Backdoor.Bifrose.aas : Cleaned. C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP836\A0427565.exe -> Dropper.VB.on : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@premiumtv.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@3.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned. ::Report end
  11. --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 01:43:21 AM 06/20/07 + Scan result: C:\Program Files\Stuff\Total_Video_Converter_3.02\Total Video Converter 3.02\Crack\Patch.exe -> Backdoor.Bifrose.aas : Cleaned. C:\Program Files\Total Video Converter\Patch.exe -> Backdoor.Bifrose.aas : Cleaned. C:\Program Files\server_AV Devil.exe -> Dropper.VB.on : Cleaned. C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP825\A0426186.exe -> Dropper.VB.on : Cleaned. C:\Documents and Settings\Andrew F\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-25df0b80-2c8353ef.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.40:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.6:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.7:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.8:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.9:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. :mozilla.10:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.11:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@2.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@3.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@4.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.129:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.130:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.131:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.134:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Adobe : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@vip2.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@com[1].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned. :mozilla.46:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.47:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@overture[1].txt -> TrackingCookie.Overture : Cleaned. :mozilla.137:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Paypal : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned. :mozilla.14:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.15:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.16:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.17:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.18:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.68:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.69:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.80:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.81:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.82:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.83:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.84:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@revsci[2].txt -> TrackingCookie.Revsci : Cleaned. :mozilla.32:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned. :mozilla.33:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned. :mozilla.34:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned. :mozilla.92:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.93:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.94:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.95:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.96:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@toplist[1].txt -> TrackingCookie.Toplist : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.99:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.124:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned. C:\Documents and Settings\Andrew F\Cookies\andrew_f@yadro[1].txt -> TrackingCookie.Yadro : Cleaned. :mozilla.112:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.113:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.114:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.115:C:\Documents and Settings\Andrew F\Application Data\Mozilla\Firefox\Profiles\9n9bchd6.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. ::Report end
×
×
  • Create New...