Help - Search - Members - Calendar
Full Version: Help please antivermins
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive General Support Issues
Kerry
Feb 5 2007, 06:23 PM
Hello i had antivermins on my pc i think i managed to get rid of it, but there is still a yellow sheild saying there are updated for my pc here is the hijack this logfile.

Logfile of HijackThis v1.99.1
Scan saved at 17:10:25, on 05/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\Program Files\Creative\WebCam Control\CamTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Kerry\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Orange UK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Orange - {4E7BD74F-2B8D-469E-A1FB-F862B587B57D} - C:\PROGRA~1\orange3\orange3.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar3.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_0_2_6.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll (file missing)
O3 - Toolbar: Orange - {4E7BD74F-2B8D-469E-A1FB-F862B587B57D} - C:\PROGRA~1\orange3\orange3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScanMSC] "C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe" /EMBEDDING
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [InfoPenMSN] C:\Program Files\InfoKing\InfoPenMSN\Pro\InfoPenIM.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\WebCam Control\CamTray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: orange search - file://C:\Program Files\ORANGE3\Cache\SelectedContextSearch.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab27571.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1130596536250
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165616315093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/...ymmapi_0727.dll
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...283/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
O23 - Service: ewido security suite control - Unknown owner - C:\Documents and Settings\Steven Mckenzie\Desktop\security suite\ewidoctrl.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Firewall - Unknown owner - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Any ideas?
HJThis
Feb 5 2007, 11:36 PM
Hello,Kerry & Welcome

First are you running two Anti-Virus scanners if so this is a bad idea
it will start all types of problme one being that it may slow down the PC
big time. so please remove all of them but the one you like best then
just keep it updated.

----------------------

MessengerPlus3 comes with a budled adware program, called Lop. I recommed you unninstall MessengerPlus3(start>control panel>add/remove programs > search and uninstall Messenger plus3)
If you really need to use it, I suggest you reinstall it without the Sponsor Program.

During the uninstall you will get a little window as in the example here: http://www.msgplus.net/images/sponsor_uninstall.jpg
If you can't find that window, look in your taskbar. Type the code you'll see in that window and click uninstall.
When finished, reboot your system.

----------------------

Download SmitfraudFix (by S!Ri) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Extract all the files to your Destop. A folder named SmitfraudFix will be created on your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log in your next reply.

Please do not run any other options until you are asked to do so.


Gogo wink.gif
Kerry
Feb 6 2007, 01:21 PM
Hello, i tried to uninstall Mcafee through add/ remove and i got 2 errors, "Internal Error 2715.F7100_MfldrRes.dll, then Fatal error during installation."

Plus here is the log u asked for:

SmitFraudFix v2.138

Scan done at 12:28:50.68, 06/02/2007
Run from C:\Documents and Settings\Steven Mckenzie\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Steven Mckenzie


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Steven Mckenzie\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\STEVEN~1\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
HJThis
Feb 7 2007, 06:50 AM
Hi,Kerry

Please see if this is any help to you do this only if you are sure


Download and run the McAfee Consumer Products Removal tool (MCPR.exe).
Running the McAfee Consumer Product Removal tool (MCPR.exe) removes all 2005, 2006, and 2007 versions of McAfee consumer products.
  • McAfee Security Center
  • McAfee VirusScan
  • McAfee Personal Firewall Plus
  • McAfee Privacy Service
  • McAfee SpamKiller
  • McAfee Wireless Network Security
  • McAfee SiteAdvisor
  • McAfee Data Backup
  • McAfee Network Manager
  • McAfee Easy Network
  • McAfee AntiSpyware
Download the removal tool from http://download.mcafee.com/products/licens...atches/MCPR.exe
  • Click Save and save the file to any folder on the computer.
  • Navigate to the folder where the file is saved.
  • Double-click MCPR.exe.
  • Click Run. A Command Line window will be displayed, and then close automatically. Wait for a second Command Line window to be displayed.
    Note: Do not double-click MCPR.exe again, you may have to wait up to 1 minute for the next window to appear.
    After the second window appears, the program will begin the cleanup.
  • Observe the installation, which could take several minutes. The following message will be displayed in the Command Line window:
    The machine must reboot to complete the un-installation. Reboot now? [y.n]
  • Press Y on the keyboard.
  • Wait for the computer to restart.
All McAfee products are now removed from your computer.
These McAfee removal instructions can be found at http://ts.mcafeehelp.com/faq3.asp?docid=408302

----------------

Then run this tool here for me

Please download ComboFix and save it to your desktop.

Double click combofix.exe and follow the prompts.

When it's done running it will produce a log for you. Please post that log in your next reply.

Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

-----------------

And come back here with a new HijackThis logfile and the ComboFix log


-----------------

@ Ostrovski

Please don't post in someone else's Topic start your own, i will now delete your logfile.


Gogo wink.gif
Kerry
Feb 7 2007, 11:10 AM
I still can not get rid of mcafee i sat watching the pc for 15 mins for the second screen which never appeared.

Here is my Hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 10:21:33, on 07/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\Program Files\Creative\WebCam Control\CamTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Kerry\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Orange UK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Orange - {4E7BD74F-2B8D-469E-A1FB-F862B587B57D} - C:\PROGRA~1\orange3\orange3.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar3.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_0_2_6.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll (file missing)
O3 - Toolbar: Orange - {4E7BD74F-2B8D-469E-A1FB-F862B587B57D} - C:\PROGRA~1\orange3\orange3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScanMSC] "C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe" /EMBEDDING
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [InfoPenMSN] C:\Program Files\InfoKing\InfoPenMSN\Pro\InfoPenIM.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\WebCam Control\CamTray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: orange search - file://C:\Program Files\ORANGE3\Cache\SelectedContextSearch.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab27571.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1130596536250
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165616315093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/...ymmapi_0727.dll
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...283/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
O23 - Service: ewido security suite control - Unknown owner - C:\Documents and Settings\Steven Mckenzie\Desktop\security suite\ewidoctrl.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Firewall - Unknown owner - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

___________________________________________________________________________

Here is the combofix one:

"Kerry" - 07-02-07 10:05:46 Service Pack 2
ComboFix 07-02-07 - Running from: "C:\Documents and Settings\Kerry\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\All Users\Documents\setup.exe


((((((((((((((((((((((((((((((( Files Created from 2007-01-07 to 2007-02-07 ))))))))))))))))))))))))))))))))))


2007-02-05 15:45 3,298 --a------ C:\WINDOWS\system32\tmp.reg
2007-02-04 22:21 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-02-04 16:45 <DIR> d-------- C:\9689990b2c84728637a89dd632649d
2007-02-04 16:02 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-01-26 13:29 52,272 --a------ C:\WINDOWS\googletoolbar3user.exe
2007-01-26 13:29 2,403,392 -ra------ C:\WINDOWS\GoogleToolbar3.dll
2007-01-23 17:12 <DIR> d-------- C:\DOCUME~1\Kerry\Application Data\Adobe
2007-01-23 17:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Adobe
2007-01-21 21:10 <DIR> d-------- C:\DOCUME~1\Kerry\Shared
2007-01-21 21:10 <DIR> d-------- C:\DOCUME~1\Kerry\Incomplete
2007-01-21 21:08 <DIR> d-------- C:\Program Files\LimeWire
2007-01-21 21:08 <DIR> d-------- C:\Program Files\Java
2007-01-21 21:08 <DIR> d-------- C:\Program Files\Common Files\Java
2007-01-21 21:03 <DIR> d-------- C:\DOCUME~1\Kerry\.limewire
2007-01-21 13:23 <DIR> d-------- C:\DOCUME~1\Kerry\Application Data\HP
2007-01-21 13:22 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\HP
2007-01-21 13:19 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Sonic
2007-01-21 13:18 <DIR> d-------- C:\Program Files\Common Files\Sonic Shared
2007-01-21 13:13 <DIR> d-------- C:\Program Files\Common Files\HP
2007-01-21 13:11 <DIR> d-------- C:\Program Files\Hewlett-Packard
2007-01-21 13:10 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-01-21 13:09 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll
2007-01-21 13:09 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-01-21 13:09 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll
2007-01-21 13:09 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-01-21 13:08 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-01-21 13:08 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-01-21 13:08 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-01-21 13:08 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-01-21 13:08 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-01-21 13:08 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-01-21 13:08 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-01-21 13:06 <DIR> d-------- C:\Program Files\HP
2007-01-21 13:00 117,120 --a------ C:\WINDOWS\hpoins11.dat
2007-01-21 12:58 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-01-21 12:50 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-01-07 19:46 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Firefly Studios
2007-01-07 19:45 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-01-07 19:44 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-01-07 19:35 <DIR> d-------- C:\Program Files\Firefly Studios


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-02-05 21:51 -------- d-------- C:\Program Files\xoftspy
2007-02-05 21:24 -------- d--h----- C:\Program Files\installshield installation information
2007-02-05 15:22 -------- d-------- C:\Program Files\messenger plus! 3
2007-02-04 22:21 -------- d-------- C:\Program Files\grisoft
2007-02-04 16:46 -------- d-------- C:\Program Files\messenger
2007-02-04 16:02 -------- d--h----- C:\Program Files\windowsupdate
2007-01-26 13:29 -------- d-------- C:\Program Files\google
2007-01-23 17:12 -------- d-------- C:\Program Files\Common Files\adobe
2006-12-25 22:32 -------- d-------- C:\Program Files\ea sports
2006-12-20 11:41 816672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-12-20 11:41 4960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-12-20 11:41 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-12-20 11:41 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-12-20 11:41 28416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-12-20 11:41 18240 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2006-12-09 12:07 -------- d-------- C:\Program Files\windows media connect 2
2006-12-09 12:00 -------- d---s---- C:\DOCUME~1\Kerry\Application Data\microsoft
2006-12-09 01:01 -------- d-------- C:\Program Files\movie maker
2006-12-09 00:50 -------- d-------- C:\Program Files\windows nt
2006-12-08 22:11 25755448 --a------ C:\Program Files\wmp11-windowsxp-x86-enu.exe
2006-11-21 17:00 81920 --a------ C:\WINDOWS\system32\w32n50.dll
2006-11-21 17:00 17134 --a------ C:\WINDOWS\system32\pcandis5.sys
2006-11-20 20:04 278528 --a------ C:\Program Files\Common Files\fdeuninstaller.exe
2006-11-20 19:59 44544 --a------ C:\WINDOWS\system32\msxml4a.dll
2006-11-08 05:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"WorksFUD"="C:\\Program Files\\Microsoft Works\\wkfud.exe"
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"Microsoft Works Update Detection"="C:\\Program Files\\Microsoft Works\\WkDetect.exe"
"NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"McAfee Guardian"="\"C:\\Program Files\\McAfee\\McAfee Shared Components\\Guardian\\CMGrdian.exe\" /SU"
"NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
"MCUpdateExe"="C:\\PROGRA~1\\McAfee.com\\Agent\\McUpdate.exe"
"VirusScanMSC"="\"C:\\Program Files\\McAfee\\McAfee VirusScan\\VsStat.exe\" /EMBEDDING"
"MessengerPlus3"="\"C:\\Program Files\\Messenger Plus! 3\\MsgPlus.exe\""
"InfoPenMSN"="C:\\Program Files\\InfoKing\\InfoPenMSN\\Pro\\InfoPenIM.exe"
"Creative WebCam Tray"="C:\\Program Files\\Creative\\WebCam Control\\CamTray.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"tckfrea"="C:\\DOCUME~1\\KERRYC~1\\APPLIC~1\\llbroozw.exe -QuieT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\buildmfcd]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Mp3 List"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kernel32]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="kernel32"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NEWDOT~1"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /install"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POINTER]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="point32"
"hkey"="HKLM"
"command"="point32.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
"key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows"
"item"="kernel32"
"hkey"="HKCU"
"inimapping"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updmgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="updmgr"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common files\\updmgr\\updmgr.exe"
"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="ewido shell guard"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"user32.dll"="C:\\Program Files\\Video ActiveX Object\\isamntr.exe"
"rare"="C:\\Program Files\\Video ActiveX Object\\pmsnrr.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\McAfee.com Update Check (YOUR-VW9B0GHCT7-Guest1).job
C:\WINDOWS\tasks\McAfee.com Update Check (YOUR-VW9B0GHCT7-Jean Mckenzie).job
C:\WINDOWS\tasks\McAfee.com Update Check (YOUR-VW9B0GHCT7-Kerry Crome).job
C:\WINDOWS\tasks\McAfee.com Update Check (YOUR-VW9B0GHCT7-Kerry).job
C:\WINDOWS\tasks\McAfee.com Update Check (YOUR-VW9B0GHCT7-Steven Mckenzie).job
C:\WINDOWS\tasks\XoftSpy.job


********************************************************************

catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-02-07 10:17:31


Thank you.
HJThis
Feb 7 2007, 07:09 PM
Hi,Kerry

Hmm ok for now let's forget about Mca

do this for me

Run Hijackthis.
Click on Open the Misc Tools section.
Next click on Open uninstall manager.
Press the Save list button.
Save the file to your desktop, with the default name of uninstall_list
Copy & Paste the entire contents of that file in your in your next post.

Gogo wink.gif
Kerry
Feb 8 2007, 10:34 AM
Ad-aware 6 Personal
Adobe Flash Player 9 ActiveX
Adobe Photoshop 5.5
Adobe Reader 8
Adobe SVG Viewer 3.0
AVG 7.5
AVG Anti-Spyware 7.5
CivCity
CleanUp!
Conexant SoftK56 Modem(M)
Creative WebCam Control
Creative WebCam Vista Driver (1.01.02.1108)
DivX 4.0 Beta Codec
Download Accelerator Plus
Download Accelerator Plus Beta
EFRunner
EPSON Printer Software
ewido security suite
Eye Candy 4000
FIFA 07
Fragomatic's Rcon Commander
GameSpy Arcade
GameSpy Software
Google Toolbar for Internet Explorer
Grand Theft Auto Vice City
HijackThis 1.99.1
Hotfix for Windows XP (KB926239)
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
Ipswitch WS_FTP Pro
IWF - Internet Safety Presentation
J2SE Runtime Environment 5.0 Update 8
KPT® effects™
LimeWire 4.12.6
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Fireworks 2
Macromedia Fireworks MX
Macromedia Flash 4
Macromedia Flash MX
Macromedia FreeHand 10
McAfee Firewall
McAfee SecurityCenter
McAfee VirusScan Professional Edition
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB886906)
Microsoft .NET Framework 1.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Excel 2000 SR-1
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works 6.0
Microsoft XML Parser and SDK
MSN Messenger 7.5
MSN Toolbar
MSXML 4.0 SP2 (KB927978)
Nero - Burning Rom (Web installer)
Network Play System (Patching)
NVIDIA Windows 2000/XP Display Drivers
OCR Software by I.R.I.S 7.0
Orange Search Toolbar
PCFriendly
Playboy - The Mansion
PowerDVD
Restaurant Empire
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB929969)
Shockwave
SoftV92 Data Fax Modem
Spybot - Search & Destroy 1.4
Star Trek Voyager Elite Force
Star Trek Voyager Elite Force GDK
Star Wars Galactic Battlegrounds: Saga
System Alert Popup
The Playa
The Sims Unleashed
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
WA Update v3.50 beta2
Winamp3 (remove only)
Window Active
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinMX
WinRAR archiver
WMPlus 2 (remove only)
XoftSpy
Yahoo! Companion
Yahoo! Internet Mail
Yahoo! Messenger Explorer Bar
Yahoo! Messenger with BT Communicator


There are a couple on there i have been trying to remove but they just wont disapear. Playboy - The Mansion, The Sims Unleashed and obviously mcafee. Im sure there was another but cant see it now.

Thank You
Kerry
Feb 12 2007, 11:32 AM
Sorry but any more ideas on this?
HJThis
Feb 12 2007, 11:47 AM
Hi,Kerry

Hmmm did you try reinstalling some of them items then Uninstall see if that helps

Next

The steps that I am about to suggest involve modifying the registry. Modifying the registry can be dangerous so we will make a backup of the registry first.

Backup the Registry:

Navigate to Start | Run and paste the following:

regedit /e c:\registrybackup.reg

Now click OK
It won't appear to be doing anything, that's normal.
Your mouse pointer may turn to an hour glass for a minute.
Please continue when it no longer has the hour glass.

------------------

Open Notepad and copy and paste the following quotebox into a new text document. (Don't forget to copy and paste REGEDIT4!) do not copy the word quote

QUOTE
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"user32.dll"=-
"rare"=-


Save this as fix.reg Choose to save as *all files and place it on your Desktop.
It should look like this:Click to view attachment
Double-click on it and when it asks you if you want to merge the contents to the registry, click Yes/OK.

Make sure to do a reboot or Regfix may not work

----------------

Then come back here with a new HijackThis logfile.

Gogo wink.gif
Kerry
Feb 14 2007, 05:58 PM
Logfile of HijackThis v1.99.1
Scan saved at 16:55:43, on 14/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\Creative\WebCam Control\CamTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\Kerry\Desktop\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Orange UK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Orange - {4E7BD74F-2B8D-469E-A1FB-F862B587B57D} - C:\PROGRA~1\orange3\orange3.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar3.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_0_2_6.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll (file missing)
O3 - Toolbar: Orange - {4E7BD74F-2B8D-469E-A1FB-F862B587B57D} - C:\PROGRA~1\orange3\orange3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScanMSC] "C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe" /EMBEDDING
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [InfoPenMSN] C:\Program Files\InfoKing\InfoPenMSN\Pro\InfoPenIM.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\WebCam Control\CamTray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: orange search - file://C:\Program Files\ORANGE3\Cache\SelectedContextSearch.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab27571.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1130596536250
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165616315093
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/...ymmapi_0727.dll
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...283/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
O23 - Service: ewido security suite control - Unknown owner - C:\Documents and Settings\Steven Mckenzie\Desktop\security suite\ewidoctrl.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Firewall - Unknown owner - C:\Program Files\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

The little bubble is still there!! Sorry for the delay in getting back to u my little boy is not well.
Ai_Tak
Feb 14 2007, 08:38 PM
Try running this, and post the log from it:
http://www.gmer.net/gmer.zip
Kerry
Feb 16 2007, 11:49 AM
GMER 1.0.12.12027 - http://www.gmer.net
Rootkit scan 2007-02-16 10:45:13
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwOpenProcess
SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwTerminateProcess

---- Kernel code sections - GMER 1.0.12 ----

.text ntdll.dll!NtClose 7C90D586 5 Bytes JMP 7203407A
.text ntdll.dll!NtCreateProcess 7C90D754 5 Bytes JMP 72034205
.text ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes JMP 720340E9
.text ntdll.dll!NtCreateSection 7C90D793 5 Bytes JMP 72034098

---- Devices - GMER 1.0.12 ----

Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F8BA585A] avgtdi.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8BA585A] avgtdi.sys
Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_CREATE E1E5E610
Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_CLOSE E1E5E610
Device \Driver\prodrv06 \Device\ProDrv06 IRP_MJ_DEVICE_CONTROL E1E5E610
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8B7B6C1] prosync1.sys
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8B7B6C1] prosync1.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8B7B6C1] prosync1.sys
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL [F8B7B6C1] prosync1.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f IRP_MJ_INTERNAL_DEVICE_CONTROL [F8B7B6C1] prosync1.sys
Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_CREATE E1010C28
Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_CLOSE E1010C28
Device \Driver\prohlp02 \Device\ProHlp02 IRP_MJ_DEVICE_CONTROL E1010C28
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8BA585A] avgtdi.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F8BA585A] avgtdi.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [F8BA585A] avgtdi.sys

---- EOF - GMER 1.0.12 ----

Hope this is what you wanted.
Ai_Tak
Feb 19 2007, 12:42 AM
This is odd...

Run a full, updated ad-aware scan and post the log.
Kerry
Feb 19 2007, 12:37 PM
I am currently having problems updating my ad-aware it gets to 80% - 90% then stops but here is the logfile.


Lavasoft Ad-aware Personal Build 6.181
Logfile created on :19 February 2007 11:08:07
Created with Ad-aware Personal, free for private use.
Using reference-file :01R347 26.10.2004
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry


19-02-2007 11:08:07 - Scan started. (Custom mode)


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

11:35:34 Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:27:26:844
Objects scanned :279114
Objects identified :0
Objects ignored :0
New objects :0
Ai_Tak
Feb 19 2007, 10:01 PM
You are using the far obsolete version of ad-aware, please install Ad-Aware SE 1.06r1.
Kerry
Feb 20 2007, 12:48 PM
Ad-Aware SE Build 1.06r1
Logfile Created on:20 February 2007 10:44:36
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R154 19.02.2007


References detected during the scan:

AntiVermins(TAC index:3):3 total references
MRU List(TAC index:0):37 total references
Tracking Cookie(TAC index:3):188 total references


Ad-Aware SE Settings

Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings

Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


20-02-2007 10:44:36 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Kerry\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Kerry\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\macromedia\dreamweaver 6\recent file list
Description : list of recently used files in macromedia dreamweaver


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-19\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-20\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1316817595-1194005503-2939561921-1009\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history


Listing running processes


#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 676
ThreadCreationTime : 20-02-2007 10:15:22
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 756
ThreadCreationTime : 20-02-2007 10:15:25
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 20-02-2007 10:15:31
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 848
ThreadCreationTime : 20-02-2007 10:15:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 860
ThreadCreationTime : 20-02-2007 10:15:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1016
ThreadCreationTime : 20-02-2007 10:15:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1096
ThreadCreationTime : 20-02-2007 10:15:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1228
ThreadCreationTime : 20-02-2007 10:15:35
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1312
ThreadCreationTime : 20-02-2007 10:15:35
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1428
ThreadCreationTime : 20-02-2007 10:15:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1604
ThreadCreationTime : 20-02-2007 10:15:43
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [guard.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 1724
ThreadCreationTime : 20-02-2007 10:15:49
BasePriority : Normal
FileVersion : 7, 5, 0, 47
ProductVersion : 7, 5, 0, 47
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware guard
InternalName : AVG Anti-Spyware guard
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : guard.exe

#:13 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 1736
ThreadCreationTime : 20-02-2007 10:15:50
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:14 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 1752
ThreadCreationTime : 20-02-2007 10:15:50
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:15 [avgemc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 1764
ThreadCreationTime : 20-02-2007 10:15:50
BasePriority : Normal
FileVersion : 7.5.0.432
ProductVersion : 7.5.0.432
ProductName : AVG Anti-Virus system
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:16 [avsynmgr.exe]
FilePath : C:\Program Files\McAfee\McAfee VirusScan\
ProcessID : 1804
ThreadCreationTime : 20-02-2007 10:15:50
BasePriority : Normal
FileVersion : 7.03.6000
ProductVersion : 7.03.6000
ProductName : VirusScan Home Edition
CompanyName : Network Associates, Inc.
FileDescription : VirusScan Synchronization Service
InternalName : AvSynMgr
LegalCopyright : Copyright © 1995-2003 Networks Associates Technology, Inc. All rights reserved
OriginalFilename : AvSynMgr.exe

#:17 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1856
ThreadCreationTime : 20-02-2007 10:15:51
BasePriority : Normal
FileVersion : 6.13.10.3082
ProductVersion : 6.13.10.3082
ProductName : NVIDIA Driver Helper Service, Version 30.82
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 30.82
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:18 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2040
ThreadCreationTime : 20-02-2007 10:15:55
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:19 [vsstat.exe]
FilePath : C:\Program Files\McAfee\McAfee VirusScan\
ProcessID : 384
ThreadCreationTime : 20-02-2007 10:15:56
BasePriority : Normal
FileVersion : 7.03.6000
ProductVersion : 7.03.6000
ProductName : VirusScan Home Edition
CompanyName : Network Associates, Inc.
FileDescription : VirusScan System Tray
InternalName : VsStat
LegalCopyright : Copyright © 1995-2003 Networks Associates Technology, Inc. All rights reserved
OriginalFilename : VsStat.exe

#:20 [vshwin32.exe]
FilePath : C:\Program Files\McAfee\McAfee VirusScan\
ProcessID : 592
ThreadCreationTime : 20-02-2007 10:15:58
BasePriority : Normal
FileVersion : 7.03.6000
ProductVersion : 7.03.6000
ProductName : VirusScan Home Edition
CompanyName : Network Associates, Inc.
FileDescription : VirusScan System Scan
InternalName : VshWin32
LegalCopyright : Copyright © 1995-2003 Networks Associates Technology, Inc. All rights reserved
OriginalFilename : VshWin32.exe

#:21 [mcshield.exe]
FilePath : C:\Program Files\Common Files\Network Associates\McShield\
ProcessID : 620
ThreadCreationTime : 20-02-2007 10:15:58
BasePriority : High


#:22 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 976
ThreadCreationTime : 20-02-2007 10:15:59
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:23 [avconsol.exe]
FilePath : C:\Program Files\McAfee\McAfee VirusScan\
ProcessID : 1168
ThreadCreationTime : 20-02-2007 10:16:01
BasePriority : Normal
FileVersion : 7.03.6000
ProductVersion : 7.03.6000
ProductName : VirusScan Home Edition
CompanyName : Network Associates, Inc.
FileDescription : VirusScan Console
InternalName : AvConsol
LegalCopyright : Copyright © 1995-2003 Networks Associates Technology, Inc. All rights reserved
OriginalFilename : AvConsol.exe

#:24 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2272
ThreadCreationTime : 20-02-2007 10:20:40
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:25 [soundman.exe]
FilePath : C:\WINDOWS\
ProcessID : 2424
ThreadCreationTime : 20-02-2007 10:20:44
BasePriority : Normal
FileVersion : 5.0
ProductVersion : 5.0
ProductName : Avance Sound Manager
CompanyName : Avance Logic, Inc.
FileDescription : Avance Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001 Avance Logic, Inc.
OriginalFilename : ALSMTray.exe
Comments : Avance AC97 Audio Sound Manager

#:26 [cmgrdian.exe]
FilePath : C:\Program Files\McAfee\McAfee Shared Components\Guardian\
ProcessID : 2520
ThreadCreationTime : 20-02-2007 10:20:45
BasePriority : Normal
FileVersion : 3.00.1051.0
ProductVersion : 3.00.1051.0
ProductName : McAfee Windows Guardian
CompanyName : Network Associates, Inc.
FileDescription : McAfee Guardian Agent
InternalName : CMGrdian
LegalCopyright : Copyright © 1997-2001 Network Associates, Inc. All rights reserved
OriginalFilename : CMGrdian.exe

#:27 [vsstat.exe]
FilePath : C:\Program Files\McAfee\McAfee VirusScan\
ProcessID : 2588
ThreadCreationTime : 20-02-2007 10:20:46
BasePriority : Normal
FileVersion : 7.03.6000
ProductVersion : 7.03.6000
ProductName : VirusScan Home Edition
CompanyName : Network Associates, Inc.
FileDescription : VirusScan System Tray
InternalName : VsStat
LegalCopyright : Copyright © 1995-2003 Networks Associates Technology, Inc. All rights reserved
OriginalFilename : VsStat.exe

#:28 [camtray.exe]
FilePath : C:\Program Files\Creative\WebCam Control\
ProcessID : 2600
ThreadCreationTime : 20-02-2007 10:20:46
BasePriority : Normal
FileVersion : 2.0.0.0
ProductVersion : 2.0
ProductName : CamTray
CompanyName : Creative Technology Ltd
FileDescription : Video Blaster CamTray
InternalName : CamTray
LegalCopyright : Copyright © Creative Technology Ltd 1998
OriginalFilename : CamTray.EXE

#:29 [avgcc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 2612
ThreadCreationTime : 20-02-2007 10:20:46
BasePriority : Normal
FileVersion : 7.5.0.418
ProductVersion : 7.5.0.418
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:30 [hpwuschd2.exe]
FilePath : C:\Program Files\HP\HP Software Update\
ProcessID : 2636
ThreadCreationTime : 20-02-2007 10:20:47
BasePriority : Normal
FileVersion : 70.0.170.000
ProductVersion : 070.000.170.000
ProductName : hp digital imaging
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : Hewlett-Packard Product Assistant
InternalName : hpwuSchd2
LegalCopyright : Copyright © Hewlett-Packard Development Company, L.P. 1995-2005
OriginalFilename : hpwuSchd2.exe
Comments : Hewlett-Packard Product Assistant

#:31 [avgas.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 2652
ThreadCreationTime : 20-02-2007 10:20:47
BasePriority : Normal
FileVersion : 7, 5, 0, 50
ProductVersion : 7, 5, 0, 50
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware
InternalName : AVG Anti-Spyware
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : avgas.exe

#:32 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 2712
ThreadCreationTime : 20-02-2007 10:20:49
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:33 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2756
ThreadCreationTime : 20-02-2007 10:20:49
BasePriority : Normal
FileVersion : 7.5.0324
ProductVersion : 7.5.0324
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:34 [googletoolbarnotifier.exe]
FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\
ProcessID : 2784
ThreadCreationTime : 20-02-2007 10:20:50
BasePriority : Normal
FileVersion : 1, 2, 1128, 5462
ProductVersion : 1, 2, 1128, 5462
ProductName : GoogleToolbarNotifier
CompanyName : Google Inc.
FileDescription : GoogleToolbarNotifier
LegalCopyright : Copyright © 2005-2006
OriginalFilename : GoogleToolbarNotifier.exe

#:35 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 2980
ThreadCreationTime : 20-02-2007 10:20:58
BasePriority : Normal
FileVersion : 70.0.170.000
ProductVersion : 070.000.170.000
ProductName : hp digital imaging
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : HP Digital Imaging Monitor
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Development Company, L.P. 1995-2005
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor

#:36 [wkcalrem.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ProcessID : 3036
ThreadCreationTime : 20-02-2007 10:20:59
BasePriority : Normal
FileVersion : 6.00.1828.1
ProductVersion : 6.00.1828.1
ProductName : Microsoft® Works 6.0
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Calendar Reminder Service
InternalName : WkCalRem
LegalCopyright : Copyright © Microsoft Corporation 1987-2000. All rights reserved.
OriginalFilename : WKCALREM.EXE

#:37 [hpqimzone.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 3216
ThreadCreationTime : 20-02-2007 10:21:06
BasePriority : Normal


#:38 [e_sicn03.exe]
FilePath : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\
ProcessID : 3236
ThreadCreationTime : 20-02-2007 10:21:09
BasePriority : Normal
FileVersion : 1.20
ProductVersion : 1.20
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_SICN03
LegalCopyright : Copyright © SEIKO EPSON CORP. 1999
OriginalFilename : E_SICN03.EXE

#:39 [hpqste08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 3464
ThreadCreationTime : 20-02-2007 10:21:59
BasePriority : Normal
FileVersion : 70.0.170.000
ProductVersion : 070.000.170.000
ProductName : hp digital imaging
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : HP CUE Status
InternalName : HPQSTS00
LegalCopyright : Copyright © Hewlett-Packard Development Company, L.P. 1995-2005
OriginalFilename : HPQSTS00.EXE
Comments : HP CUE Status

#:40 [aawsepersonal.exe]
FilePath : C:\Program Files\
ProcessID : 3148
ThreadCreationTime : 20-02-2007 10:43:00
BasePriority : Normal


#:41 [msiexec.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3112
ThreadCreationTime : 20-02-2007 10:43:01
BasePriority : Normal


#:42 [msiexec.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3128
ThreadCreationTime : 20-02-2007 10:43:02
BasePriority : Normal


#:43 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 544
ThreadCreationTime : 20-02-2007 10:43:54
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:44 [iexplore.exe]
FilePath : C:\Program Files\internet explorer\
ProcessID : 3660
ThreadCreationTime : 20-02-2007 10:44:33
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@revsci[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1033
Value : Cookie:kerry@revsci.net/
Expires : 15-02-2027 10:28:56
LastSync : Hits:1033
UseCount : 0
Hits : 1033

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:77
Value : Cookie:kerry@tradedoubler.com/
Expires : 12-02-2027 23:04:14
LastSync : Hits:77
UseCount : 0
Hits : 77

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adopt.euroclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:kerry@adopt.euroclick.com/
Expires : 13-02-2017 23:47:38
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@phg.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:20
Value : Cookie:kerry@phg.hitbox.com/
Expires : 27-01-2008 21:14:36
LastSync : Hits:20
UseCount : 0
Hits : 20

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@reduxads.valuead[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:kerry@reduxads.valuead.com/
Expires : 01-01-2021
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@stat.onestat[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:kerry@stat.onestat.com/
Expires : 25-01-2017
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@clickbank[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@clickbank.net/
Expires : 06-08-2007 17:28:20
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@valueclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:kerry@valueclick.net/
Expires : 02-01-2032 21:14:54
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@tacoda[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:111
Value : Cookie:kerry@tacoda.net/
Expires : 23-01-2008 01:04:34
LastSync : Hits:111
UseCount : 0
Hits : 111

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:48
Value : Cookie:kerry@questionmarket.com/
Expires : 02-04-2007 01:55:22
LastSync : Hits:48
UseCount : 0
Hits : 48

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@roiservice[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:19
Value : Cookie:kerry@roiservice.com/
Expires : 08-01-2027 21:48:30
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:kerry@2o7.net/
Expires : 15-02-2012 21:25:58
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:55
Value : Cookie:kerry@trafficmp.com/
Expires : 23-12-2007 23:59:02
LastSync : Hits:55
UseCount : 0
Hits : 55

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:kerry@casalemedia.com/
Expires : 05-02-2008 15:29:40
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@freepay[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:51
Value : Cookie:kerry@freepay.com/
Expires : 18-01-2038
LastSync : Hits:51
UseCount : 0
Hits : 51

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@bs.serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:32
Value : Cookie:kerry@bs.serving-sys.com/
Expires : 31-12-2037 22:00:00
LastSync : Hits:32
UseCount : 0
Hits : 32

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@fastclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:20
Value : Cookie:kerry@fastclick.net/
Expires : 16-02-2009 20:16:12
LastSync : Hits:20
UseCount : 0
Hits : 20

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@server.iad.liveperson[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:19
Value : Cookie:kerry@server.iad.liveperson.net/
Expires : 19-02-2007 12:32:56
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:kerry@doubleclick.net/
Expires : 19-02-2010 10:23:42
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@paypal.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@paypal.112.2o7.net/
Expires : 06-02-2012 09:56:42
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-wsseurope.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@ehg-wsseurope.hitbox.com/
Expires : 04-12-2007 14:29:36
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adviva[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:kerry@adviva.net/
Expires : 21-01-2012 21:25:48
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@bluestreak[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:kerry@bluestreak.com/
Expires : 14-02-2017 16:36:02
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@counter.hitslink[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:kerry@counter.hitslink.com/
Expires : 18-01-2038 05:00:00
LastSync : Hits:14
UseCount : 0
Hits : 14

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-screenpages.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@ehg-screenpages.hitbox.com/
Expires : 22-01-2008 21:35:16
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adrevolver[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:32
Value : Cookie:kerry@adrevolver.com/
Expires : 17-02-2008 13:38:26
LastSync : Hits:32
UseCount : 0
Hits : 32

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ad.yieldmanager[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:22
Value : Cookie:kerry@ad.yieldmanager.com/
Expires : 14-08-2017
LastSync : Hits:22
UseCount : 0
Hits : 22

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@qksrv[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:kerry@qksrv.net/
Expires : 16-02-2012 00:43:56
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@www.ppctracking[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@www.ppctracking.net/
Expires : 06-02-2037 17:16:38
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ivwbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@ivwbox.de/
Expires : 23-11-2007 21:45:48
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-bbc.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@ehg-bbc.hitbox.com/
Expires : 01-01-2008 13:19:54
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@stats.channel4[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:21
Value : Cookie:kerry@stats.channel4.com/
Expires : 18-11-2016 18:02:10
LastSync : Hits:21
UseCount : 0
Hits : 21

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@dealtime[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:17
Value : Cookie:kerry@dealtime.com/
Expires : 28-11-2007 21:47:42
LastSync : Hits:17
UseCount : 0
Hits : 17

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@zedo[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:kerry@zedo.com/
Expires : 17-02-2017 10:29:02
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@centerparcs.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@centerparcs.112.2o7.net/
Expires : 21-11-2011 23:13:20
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@boldchat[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:42
Value : Cookie:kerry@boldchat.com/
Expires : 14-02-2008 18:42:06
LastSync : Hits:42
UseCount : 0
Hits : 42

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-zoomerang.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:66
Value : Cookie:kerry@ehg-zoomerang.hitbox.com/
Expires : 13-01-2008 00:37:22
LastSync : Hits:66
UseCount : 0
Hits : 66

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@bloomingmarvellous.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@bloomingmarvellous.112.2o7.net/
Expires : 31-12-2011 13:37:08
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ads.guardian.co[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@ads.guardian.co.uk/
Expires : 30-11-2006 21:49:38
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@incredimailltd.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@incredimailltd.112.2o7.net/
Expires : 03-12-2011 23:01:40
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:161
Value : Cookie:kerry@serving-sys.com/
Expires : 31-12-2037 22:00:00
LastSync : Hits:161
UseCount : 0
Hits : 161

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@redcatsuk.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@redcatsuk.122.2o7.net/
Expires : 28-12-2011 17:16:12
LastSync : Hits:1
UseCount : 0
Hits : 1
Kerry
Feb 20 2007, 12:58 PM
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@statse.webtrendslive[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:64
Value : Cookie:kerry@statse.webtrendslive.com/
Expires : 15-02-2017 12:33:34
LastSync : Hits:64
UseCount : 0
Hits : 64

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@pr.valueclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@pr.valueclick.net/
Expires : 07-07-2007 21:14:54
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ads.itv[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:25
Value : Cookie:kerry@ads.itv.com/
Expires : 29-02-2008
LastSync : Hits:25
UseCount : 0
Hits : 25

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:kerry@statcounter.com/
Expires : 19-02-2012 10:46:42
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@revenue[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:kerry@revenue.net/
Expires : 10-06-2022 05:05:42
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:kerry@adtech.de/
Expires : 09-02-2017 11:03:44
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:28
Value : Cookie:kerry@hitbox.com/
Expires : 17-02-2008 19:43:18
LastSync : Hits:28
UseCount : 0
Hits : 28

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@stat.dealtime[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:46
Value : Cookie:kerry@stat.dealtime.com/
Expires : 09-01-2009 13:19:20
LastSync : Hits:46
UseCount : 0
Hits : 46

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@rotator.adjuggler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:kerry@rotator.adjuggler.com/
Expires : 13-02-2017 23:15:28
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adserver.filefront[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:39
Value : Cookie:kerry@adserver.filefront.com/
Expires : 24-12-2007 00:00:56
LastSync : Hits:39
UseCount : 0
Hits : 39

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@msnportal.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@msnportal.112.2o7.net/
Expires : 06-02-2012 10:19:34
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:39
Value : Cookie:kerry@ads.pointroll.com/
Expires : 01-01-2010
LastSync : Hits:39
UseCount : 0
Hits : 39

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@web4.realtracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@web4.realtracker.com/
Expires : 31-12-2007 23:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:kerry@atdmt.com/
Expires : 19-02-2012
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@lightspeed.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@lightspeed.112.2o7.net/
Expires : 13-02-2012 17:09:04
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@realmedia.com/
Expires : 17-02-2008 00:02:36
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@www.jackpotmadness[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@www.jackpotmadness.com/
Expires : 31-05-2007 22:34:28
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adrevolver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:26
Value : Cookie:kerry@media.adrevolver.com/adrevolver/
Expires : 04-11-2009 09:47:32
LastSync : Hits:26
UseCount : 0
Hits : 26

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@apmebf[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:kerry@apmebf.com/
Expires : 16-02-2012 00:43:54
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:321
Value : Cookie:kerry@advertising.com/
Expires : 17-02-2012 12:32:54
LastSync : Hits:321
UseCount : 0
Hits : 321

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@mediaplex.com/
Expires : 22-06-2009
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adbrite[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:23
Value : Cookie:kerry@adbrite.com/
Expires : 09-02-2008 10:09:20
LastSync : Hits:23
UseCount : 0
Hits : 23

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@cneteurope.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@cneteurope.122.2o7.net/
Expires : 03-12-2011 14:28:54
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-kentcc.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@ehg-kentcc.hitbox.com/
Expires : 17-02-2008 19:43:18
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@snapfish.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@snapfish.112.2o7.net/
Expires : 17-12-2011 15:58:54
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@perf.overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@perf.overture.com/
Expires : 13-02-2011 18:50:32
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@cnn.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@cnn.122.2o7.net/
Expires : 07-12-2011 01:17:18
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@e-2dj6wfk4wjdpwgo.stats.esomniture[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@e-2dj6wfk4wjdpwgo.stats.esomniture.com/
Expires : 22-01-2012 23:06:50
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-ladbrokes.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@ehg-ladbrokes.hitbox.com/
Expires : 21-01-2008 15:10:54
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-hotgroup.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:95
Value : Cookie:kerry@ehg-hotgroup.hitbox.com/
Expires : 02-01-2008 12:06:24
LastSync : Hits:95
UseCount : 0
Hits : 95

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@sonyeurope.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@sonyeurope.112.2o7.net/
Expires : 08-12-2011 23:49:28
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@commission-junction[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@commission-junction.com/
Expires : 13-02-2012 20:39:56
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@indextools[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:101
Value : Cookie:kerry@indextools.com/
Expires : 22-01-2008 01:10:50
LastSync : Hits:101
UseCount : 0
Hits : 101

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-gmi.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:44
Value : Cookie:kerry@ehg-gmi.hitbox.com/
Expires : 17-01-2008 10:20:26
LastSync : Hits:44
UseCount : 0
Hits : 44

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:81
Value : Cookie:kerry@weborama.fr/
Expires : 20-04-2007 00:44:14
LastSync : Hits:81
UseCount : 0
Hits : 81

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@carphonewarehouse.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:19
Value : Cookie:kerry@carphonewarehouse.112.2o7.net/
Expires : 31-12-2011 01:39:54
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-wmc.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:kerry@ehg-wmc.hitbox.com/
Expires : 07-01-2008 17:03:10
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@wholesalemarketer.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@wholesalemarketer.122.2o7.net/
Expires : 06-01-2012 00:26:46
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@linksynergy[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:kerry@linksynergy.com/
Expires : 08-01-2007 19:10:28
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@msnaccountservices.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@msnaccountservices.112.2o7.net/
Expires : 14-02-2012 23:19:50
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@lsfnetwork.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:kerry@lsfnetwork.122.2o7.net/
Expires : 06-02-2012 17:13:40
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@amznmothercare.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:kerry@amznmothercare.122.2o7.net/
Expires : 12-12-2011 22:27:14
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-pureprofile.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:175
Value : Cookie:kerry@ehg-pureprofile.hitbox.com/
Expires : 05-12-2007 12:18:10
LastSync : Hits:175
UseCount : 0
Hits : 175

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-centaur.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@ehg-centaur.hitbox.com/
Expires : 04-12-2007 14:46:52
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-systemax.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:kerry@ehg-systemax.hitbox.com/
Expires : 27-12-2007 15:32:38
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@searchportal.information[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:49
Value : Cookie:kerry@searchportal.information.com/
Expires : 29-11-2008 22:20:02
LastSync : Hits:49
UseCount : 0
Hits : 49

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-ipoints.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:335
Value : Cookie:kerry@ehg-ipoints.hitbox.com/
Expires : 22-01-2008 14:44:30
LastSync : Hits:335
UseCount : 0
Hits : 335

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@rrpartners.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@rrpartners.122.2o7.net/
Expires : 04-12-2011 21:05:06
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@maxserving[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:kerry@maxserving.com/
Expires : 29-12-2016 13:21:34
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-sonyesolutions.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:kerry@ehg-sonyesolutions.hitbox.com/
Expires : 18-12-2007 11:36:36
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@haynet.adbureau[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@haynet.adbureau.net/
Expires : 15-07-2008
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@marksandspencer.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@marksandspencer.122.2o7.net/
Expires : 06-01-2012 00:43:50
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-littlewoods.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@ehg-littlewoods.hitbox.com/
Expires : 16-02-2008 12:55:44
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-accenture.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@ehg-accenture.hitbox.com/
Expires : 07-01-2008 00:50:10
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@cent.adbureau[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@cent.adbureau.net/
Expires : 29-02-2008
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@trinitymirror.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@trinitymirror.112.2o7.net/
Expires : 15-02-2012 23:22:52
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@targetnet[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:16
Value : Cookie:kerry@targetnet.com/
Expires : 18-05-2033 03:33:20
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-dig.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:kerry@ehg-dig.hitbox.com/
Expires : 02-01-2008 13:13:42
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@entrepreneur.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@entrepreneur.122.2o7.net/
Expires : 06-01-2012 19:22:52
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@about[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:65
Value : Cookie:kerry@about.com/
Expires : 01-01-1601
LastSync : Hits:65
UseCount : 0
Hits : 65

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@valueclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:kerry@valueclick.com/
Expires : 02-01-2032 21:14:12
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@bizrate[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:kerry@bizrate.com/
Expires : 01-01-2017 21:24:04
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@webstat[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:kerry@webstat.com/
Expires : 04-01-2017 17:30:10
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ads.addynamix[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@ads.addynamix.com/
Expires : 31-12-2006 00:00:26
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@stats1.clicktracks[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:kerry@stats1.clicktracks.com/
Expires : 24-01-2017 23:42:28
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adrevolver[4].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:kerry@netli.media.adrevolver.com/adrevolver/
Expires : 18-09-2009 03:07:34
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@www.etracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:51
Value : Cookie:kerry@www.etracker.de/
Expires : 18-04-2007 13:37:34
LastSync : Hits:51
UseCount : 0
Hits : 51

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-debenhams.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:18
Value : Cookie:kerry@ehg-debenhams.hitbox.com/
Expires : 29-12-2007 13:28:12
LastSync : Hits:18
UseCount : 0
Hits : 18

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:kerry@ehg.hitbox.com/
Expires : 06-01-2008 22:45:04
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@e-2dj6wjny-1ld5ga.stats.esomniture[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:kerry@e-2dj6wjny-1ld5ga.stats.esomniture.com/
Expires : 25-01-2012 14:53:02
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-fastweb.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@ehg-fastweb.hitbox.com/
Expires : 22-01-2008 01:08:58
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@clickauditor[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@clickauditor.net/
Expires : 28-01-2017 18:55:22
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@bfast[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@bfast.com/
Expires : 14-02-2027 20:39:34
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@tripod.com/
Expires : 17-02-2008 00:02:22
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@opodo.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@opodo.122.2o7.net/
Expires : 08-01-2012 17:26:04
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-affinitynet.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@ehg-affinitynet.hitbox.com/
Expires : 19-01-2008 13:42:28
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@fcstats.bcentral[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@fcstats.bcentral.com/
Expires : 01-01-2020
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@adserver.easyad[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@adserver.easyad.info/
Expires : 27-12-2016 10:51:50
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@sento.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@sento.122.2o7.net/
Expires : 06-02-2012 09:39:46
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@msnservices.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@msnservices.112.2o7.net/
Expires : 04-02-2012 21:12:54
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-rodale.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@ehg-rodale.hitbox.com/
Expires : 02-01-2008 16:44:54
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@list[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@list.ru/
Expires : 26-04-2007 14:51:30
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@e-2dj6wfkyolcjago.stats.esomniture[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:kerry@e-2dj6wfkyolcjago.stats.esomniture.com/
Expires : 17-02-2012 12:32:04
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@microsoftoffice.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@microsoftoffice.112.2o7.net/
Expires : 24-01-2012 22:08:32
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@vodafone.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@vodafone.122.2o7.net/
Expires : 11-01-2012 17:54:10
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@counter2.hitslink[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:kerry@counter2.hitslink.com/
Expires : 18-01-2038 05:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@web-stat[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:kerry@web-stat.com/
Expires : 24-12-2010 23:12:00
LastSync : Hits:14
UseCount : 0
Hits : 14

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-logantod.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:kerry@ehg-logantod.hitbox.com/
Expires : 17-02-2008 00:43:34
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@incisivemedia.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:kerry@incisivemedia.112.2o7.net/
Expires : 26-01-2012 23:37:44
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kerry@ehg-reed.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:kerry@ehg-reed.hitbox.com/
Expires : 14-02-2008 18:49:40
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 132
Objects found so far: 169



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

AntiVermins Object Recognized!
Type : File
Data : AVerminsLang.ini
TAC Rating : 3
Category : Malware
Comment :
Object : C:\Documents and Settings\Kerry\Local Settings\Temp\



Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@2o7[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@a.as-us.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@a.as-us.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@ad.yieldmanager[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@ad.yieldmanager[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@adbrite[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@adbrite[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@adopt.euroclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@adopt.euroclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@adrevolver[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@adrevolver[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@adrevolver[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@ads.guardian.co[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@ads.guardian.co[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@ads.itv[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@ads.itv[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@adserver2.teracent[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@adserver2.teracent[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@adtech[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@adultfriendfinder[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@adultfriendfinder[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@advertising[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@apmebf[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@apmebf[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@as-eu.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@as-eu.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@as-us.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@as-us.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@bs.serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@bs.serving-sys[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@casalemedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@content.ipro[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@content.ipro[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter10.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter10.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter11.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter11.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter12.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter12.sextracker[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter13.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter13.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter16.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter16.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter2.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter2.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter3.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter3.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter4.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter4.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter7.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter7.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter8.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter8.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@counter9.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@counter9.sextracker[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@cs.sexcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@cs.sexcounter[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@ehg-autotrader.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@ehg-autotrader.hitbox[1].txt
Kerry
Feb 20 2007, 12:59 PM
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@ehg-playboy.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@ehg-playboy.hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@heavycom.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@heavycom.122.2o7[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@fastclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@indexstats[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@indexstats[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@indextools[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@indextools[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@insightexpressai[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@insightexpressai[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@media.fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@media.fastclick[1].txt


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@msnportal.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@msnportal.112.2o7[1].txt


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@revsci[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@revsci[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@rotator.adjuggler[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@rotator.adjuggler[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@serving-sys[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@sexlist[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@sexlist[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@sextracker[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@statcounter[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@statse.webtrendslive[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@statse.webtrendslive[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@tacoda[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@tacoda[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@tradedoubler[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@tribalfusion[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@trinitymirror.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@trinitymirror.112.2o7[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : steven mckenzie@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Steven Mckenzie\Cookies\steven mckenzie@zedo[1].txt

AntiVermins Object Recognized!
Type : File
Data : A0048285.exe
TAC Rating : 3
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{E466FB10-B916-475D-B108-80AEF1C6A536}\RP202\
FileVersion : 2.1.0.0
ProductVersion : 2.1.0.0
ProductName : AntiVermins
CompanyName : AntiVermins
FileDescription : Anti- spyware and adware
InternalName : AntiVermins.exe
LegalCopyright : © AntiVermins. All rights reserved.
OriginalFilename : AntiVermins.exe


Disk Scan Result for C:\
New critical objects: 0
Objects found so far: 227


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
Hosts file scan result:

1 entries scanned.
New critical objects:0
Objects found so far: 227




Performing conditional scans...


AntiVermins Object Recognized!
Type : File
Data : AVerminsLang.ini
TAC Rating : 3
Category : Malware
Comment :
Object : C:\DOCUME~1\Kerry\LOCALS~1\Temp\



Conditional scan result:

New critical objects: 1
Objects found so far: 228

11:43:37 Scan Complete

Summary Of This Scan
Total scanning time:00:59:01.141
Objects scanned:288768
Objects identified:191
Objects ignored:0
New critical objects:191


Hope this is better and thanks for your help so far.

This is one large log but it is from the se version which i have just downloaded.
Ai_Tak
Feb 21 2007, 03:55 AM
Check the contents of
C:\Program Files\Video ActiveX Object\
Kerry
Mar 9 2007, 10:53 AM
Sorry for the delay in posting my internet has been down! I tried to find that folder but i can not find it in the program files folder??
Ai_Tak
Mar 9 2007, 10:57 AM
That's actualy good, how is your system acting now?
Kerry
Mar 9 2007, 12:33 PM
To be honest its still a bit slow. When i turned the pc on this morning the yellow symbol appeared but it seems to have vanished now.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2010 Invision Power Services, Inc.