Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Yahoo Msg will not open ....can anybody sort this issue out ? w/log  (Read 21790 times)

0 Members and 1 Guest are viewing this topic.

miolner1

    Topic Starter


    Rookie

    Hello to all,

    Hello to all,


    I have a niggling little problem with my yahoo msg that will not open : it will basically kick me back each time to the signon screen and leave me there. Now this situation did not arise before and yahoo msg would pretty much open by itself and I had the option to close the programupon auto opening. All was working fine up till a few days ago and now I have no idea what is going on .....I provided a log here to help you guys have a look at the opening events and if there is some issue with a firewall or two as thats what the yahoo msg will show in an error msg box upon retry of opening the program...what gets me is that its possibly something really small but pesky all the same thats causing this problem ....I will let you see if you can see anything wrong and maybe instruct me on how to fix it .....again much appreciation to you all if we can sort this one out

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:04:47 PM, on 9/6/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\COMODO\Firewall\cmdagent.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\Program Files\Common Files\ISPCOMP\InstallService.exe
    C:\Program Files\Common Files\AOL\1217722696\ee\AOLSoftware.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\AOL 9.1\waol.exe
    C:\Program Files\AOL 9.1\shellmon.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\COMODO\Firewall\cfp.exe
    C:\Program Files\Netscape Internet Service\NSClient.exe
    C:\Program Files\Netscape Internet Service\_NSWatchman.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = home.netscape.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
    O4 - HKLM\..\Run: [Netscape] C:\Program Files\Common Files\ISPCOMP\InstallService.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1217722696\ee\AOLSoftware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/SmileyCentralInitialSetup1.0.1.1.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/html - {b969d37f-881d-44de-b227-c44e633b7c2c} - C:\WINDOWS\default32.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
    O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
     
    « Last Edit: September 06, 2010, 02:01:11 PM by miolner1 »

    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Genius
    • Thanked: 1020
    • Certifications: List
    • Experience: Expert
    • OS: Windows 10
    Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
    « Reply #1 on: September 06, 2010, 05:45:21 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.

    Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

    Exit out of MessengerDisable then delete the two files that were put on the desktop.

    ******************************************
    I strongly recommend that you remove Ask from your computer because it;

    •Promotes its toolbars on sites targeted to kids.

    •Promotes its toolbars through ads that appear to be part of other companies' sites.

    •Promotes its toolbars through other companies' spyware.

    •Installs without any disclosure whatsoever and without any consent whatsoever.

    •Solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.

    •Makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

    See Here for more info.

    If you choose to follow my recommendation then please go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

    AskBarDis or anything related to Ask

    Then please find and delete this folder in bold (if present):
    C:\Program Files\AskBarDis. or anything related to Ask.

    ******************************************

    C:\Program Files\alot is a malicious program and should also be un-installed.

    ****************************************************

    Open HijackThis and select Do a system scan only

    Place a check mark next to the following entries: (if there)

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


    Important: Close all open windows except for HijackThis and then click Fix checked.

    Once completed, exit HijackThis.

    **************************************
    According to your log, your Anti-Virus (AVG) is out-of-date. Please update it before running these next scans.

    ************************************
    SUPERAntiSpyware

    If you already have SUPERAntiSpyware be sure to check for updates before scanning!


    Download SuperAntispyware Free Edition (SAS)
    * Double-click the icon on your desktop to run the installer.
    * When asked to Update the program definitions, click Yes
    * If you encounter any problems while downloading the updates, manually download and unzip them from here
    * Next click the Preferences button.

    •Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
    * Click the Scanning Control tab.
    * Under Scanner Options make sure only the following are checked:

    •Close browsers before scanning
    •Scan for tracking cookies
    •Terminate memory threats before quarantining
    Please leave the others unchecked

    •Click the Close button to leave the control center screen.

    * On the main screen click Scan your computer
    * On the left check the box for the drive you are scanning.
    * On the right choose Perform Complete Scan
    * Click Next to start the scan. Please be patient while it scans your computer.
    * After the scan is complete a summary box will appear. Click OK
    * Make sure everything in the white box has a check next to it, then click Next
    * It will quarantine what it found and if it asks if you want to reboot, click Yes

    •To retrieve the removal information please do the following:
    •After reboot, double-click the SUPERAntiSpyware icon on your desktop.
    •Click Preferences. Click the Statistics/Logs tab.

    •Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

    •It will open in your default text editor (preferably Notepad).
    •Save the notepad file to your desktop by clicking (in notepad) File > Save As...

    * Save the log somewhere you can easily find it. (normally the desktop)
    * Click close and close again to exit the program.
    *Copy and Paste the log in your post.
    ****************************************
    Please download Malwarebytes Anti-Malware from here.

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Full Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • Please save the log to a location you will remember.
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.
    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
    *************************************
    Download Security Check by screen317 from one of the following links and save it to your desktop.

    Link 1
    Link 2

    * Unzip SecurityCheck.zip and a folder named Security Check should appear.
    * Open the Security Check folder and double-click Security Check.bat
    * Follow the on-screen instructions inside of the black box.
    * A Notepad document should open automatically called checkup.txt
    * Post the contents of that document in your next reply.

    Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
    Windows 8 and Windows 10 dual boot with two SSD's

    miolner1

      Topic Starter


      Rookie

      Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
      « Reply #2 on: September 07, 2010, 05:33:31 PM »
      Okay, here is the first log as requested...again thanks for putting in the time to help me resolve this issue.

      Malwarebytes' Anti-Malware 1.46
      www.malwarebytes.org

      Database version: 4558

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      9/6/2010 9:11:04 PM
      mbam-log-2010-09-06 (21-11-04).txt

      Scan type: Quick scan
      Objects scanned: 142432
      Time elapsed: 16 minute(s), 15 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 4
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 2

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CONNECT (Trojan.PornDialer) -> Quarantined and deleted successfully.

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      C:\Documents and Settings\User\My Documents\downloads\install_player.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\Documents and Settings\User\Favorites\Antivirus Scan.URL (Rogue.Link) -> Quarantined and deleted successfully.

      miolner1

        Topic Starter


        Rookie

        Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
        « Reply #3 on: September 07, 2010, 05:35:18 PM »
        and the second log:

        SUPERAntiSpyware Scan Log
        http://www.superantispyware.com

        Generated 09/06/2010 at 08:18 PM

        Application Version : 4.42.1000

        Core Rules Database Version : 5461
        Trace Rules Database Version: 3273

        Scan type       : Complete Scan
        Total Scan Time : 02:03:50

        Memory items scanned      : 561
        Memory threats detected   : 0
        Registry items scanned    : 6824
        Registry threats detected : 9
        File items scanned        : 72754
        File threats detected     : 1026

        Adware.Tracking Cookie
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][4].txt
           C:\Documents and Settings\User\Cookies\[email protected][4].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@123stat[2].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][4].txt
           C:\Documents and Settings\User\Cookies\user@insightexpressai[8].txt
           C:\Documents and Settings\User\Cookies\user@imrworldwide[1].txt
           C:\Documents and Settings\User\Cookies\user@tacoda[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][8].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@media6degrees[3].txt
           C:\Documents and Settings\User\Cookies\user@adbrite[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\user@specificmedia[3].txt
           C:\Documents and Settings\User\Cookies\user@yieldmanager[3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@fastclick[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@gaypornblog[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@discountanabolics[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@thefind[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@ru4[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][5].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@adecn[4].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@adxpose[1].txt
           C:\Documents and Settings\User\Cookies\user@invitemedia[1].txt
           C:\Documents and Settings\User\Cookies\user@tribalfusion[2].txt
           C:\Documents and Settings\User\Cookies\user@smileycentral[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@clickshift[1].txt
           C:\Documents and Settings\User\Cookies\user@atdmt[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@advertising[1].txt
           C:\Documents and Settings\User\Cookies\user@azjmp[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@dmtracker[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@doubleclick[3].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@interclick[5].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@adlegend[2].txt
           C:\Documents and Settings\User\Cookies\user@asianteenpictureclub[1].txt
           C:\Documents and Settings\User\Cookies\user@atwola[8].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@legolas-media[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@2o7[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@serving-sys[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][5].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\user@fastclick[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@checkstat[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@espnmediazone3[1].txt
           C:\Documents and Settings\User\Cookies\user@findarticles[1].txt
           C:\Documents and Settings\User\Cookies\user@pro-market[1].txt
           C:\Documents and Settings\User\Cookies\user@adtech[1].txt
           C:\Documents and Settings\User\Cookies\user@trackalyzer[1].txt
           C:\Documents and Settings\User\Cookies\user@roiservice[1].txt
           C:\Documents and Settings\User\Cookies\user@w3track[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][6].txt
           C:\Documents and Settings\User\Cookies\user@pornhub[1].txt
           C:\Documents and Settings\User\Cookies\user@clickbank[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][5].txt
           C:\Documents and Settings\User\Cookies\user@tripod[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@burstnet[2].txt
           C:\Documents and Settings\User\Cookies\user@sextracker[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@andomedia[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@adult[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][4].txt
           C:\Documents and Settings\User\Cookies\user@eyewonder[2].txt
           C:\Documents and Settings\User\Cookies\user@trafficregenerator[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@discountsupplements[1].txt
           C:\Documents and Settings\User\Cookies\user@amex-insights[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@lockedonmedia[3].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@bizrate[3].txt
           C:\Documents and Settings\User\Cookies\user@adultadworld[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@asianmedia[2].txt
           C:\Documents and Settings\User\Cookies\user@mediav[1].txt
           C:\Documents and Settings\User\Cookies\user@bravenet[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@invitemedia[4].txt
           C:\Documents and Settings\User\Cookies\user@xiti[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@spylog[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@publicrecordfinder[1].txt
           C:\Documents and Settings\User\Cookies\user@adinterax[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][4].txt
           C:\Documents and Settings\User\Cookies\user@publicsexjapan[1].txt
           C:\Documents and Settings\User\Cookies\user@smartadserver[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@questionmarket[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@intermundomedia[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@tradedoubler[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][6].txt
           C:\Documents and Settings\User\Cookies\user@mediabum[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@mediaforgews[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\user@qksrv[2].txt
           C:\Documents and Settings\User\Cookies\user@myroitracking[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@click2go[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][8].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@steelhousemedia[2].txt
           C:\Documents and Settings\User\Cookies\user@tubepornvidz[2].txt
           C:\Documents and Settings\User\Cookies\user@clickz[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][7].txt
           C:\Documents and Settings\User\Cookies\user@porn[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@kanoodle[2].txt
           C:\Documents and Settings\User\Cookies\user@trafficmp[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@lfstmedia[2].txt
           C:\Documents and Settings\User\Cookies\user@apmebf[6].txt
           C:\Documents and Settings\User\Cookies\user@weborama[1].txt
           C:\Documents and Settings\User\Cookies\user@qnsr[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][6].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@revsci[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@kontera[2].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@accountingblock[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@collective-media[4].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\user@bluestreak[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@tacoda[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@sanmateocountyfair[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@lucidmedia[1].txt
           C:\Documents and Settings\User\Cookies\user@adecn[6].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@mediaplex[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\user@specificclick[10].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@toplist[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[2].txt
           C:\Documents and Settings\User\Cookies\user@discountfact[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@adultdvdtalk[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][3].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[10].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@pointroll[2].txt
           C:\Documents and Settings\User\Cookies\user@adxpansion[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@mediaforge[1].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[3].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[9].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@traveladvertising[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@pornadept[1].txt
           C:\Documents and Settings\User\Cookies\user@backcountry[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[6].txt
           C:\Documents and Settings\User\Cookies\user@mediadakine[1].txt
           C:\Documents and Settings\User\Cookies\user@byuaccounting[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@revenue[2].txt
           C:\Documents and Settings\User\Cookies\user@kleankanteen[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected]*censored*-mall[1].txt
           C:\Documents and Settings\User\Cookies\user@gradimages[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@sexasian18[2].txt
           C:\Documents and Settings\User\Cookies\user@dealtime[1].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[7].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@naiadsystems[1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\user@specificmedia[8].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@linksynergy[1].txt
           C:\Documents and Settings\User\Cookies\user@shefinds[2].txt
           C:\Documents and Settings\User\Cookies\user@pornvidzz[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@edgeadx[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@peoplefinders[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@statcounter[4].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@yadro[1].txt
           C:\Documents and Settings\User\Cookies\user@porn234[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[5].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@nextag[3].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@wawporn[1].txt
           C:\Documents and Settings\User\Cookies\user@2o7[2].txt
           C:\Documents and Settings\User\Cookies\user@superstats[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@mediabrandsww[1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@pornordie[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\user@webstat[2].txt
           C:\Documents and Settings\User\Cookies\user@accountancyagejobs[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[1].txt
           C:\Documents and Settings\User\Cookies\user@realmedia[1].txt
           C:\Documents and Settings\User\Cookies\user@discountdance[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][10].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\user@insightexpressai[5].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@www.*censored*[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[11].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@adxpansion[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@fortunecity[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@everglowmedia[1].txt
           C:\Documents and Settings\User\Cookies\user@petfinder[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@webpower[1].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[8].txt
           C:\Documents and Settings\User\Cookies\[email protected][11].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\user@homeinsight[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@lynxtrack[1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][5].txt
           C:\Documents and Settings\User\Cookies\user@adultdvdpacific[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@mediablvd[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][10].txt
           C:\Documents and Settings\User\Cookies\[email protected][5].txt
           C:\Documents and Settings\User\Cookies\user@adultfriendfinder[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@porndad[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@*censored*[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@accountonline[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@liveperson[4].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@elitechoice[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@greentechmedia[1].txt
           C:\Documents and Settings\User\Cookies\user@*censored*.122.2o7[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][6].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@popularscreensavers[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@chitika[5].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][7].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][9].txt
           C:\Documents and Settings\User\Cookies\user@adbrite[1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][6].txt
           C:\Documents and Settings\User\Cookies\[email protected][9].txt
           C:\Documents and Settings\User\Cookies\user@hornymatches[2].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@accountemps[1].txt
           C:\Documents and Settings\User\Cookies\user@casalemedia[2].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\user@accounting-financial-tax[1].txt
           C:\Documents and Settings\User\Cookies\user@teenbodybuilding[1].txt
           C:\Documents and Settings\User\Cookies\user@dancediscount[2].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\user@hitbox[1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\[email protected][2].txt
           C:\Documents and Settings\User\Cookies\user@vcdiscounter[1].txt
           C:\Documents and Settings\User\Cookies\[email protected]
           C:\Documents and Settings\User\Cookies\user@pornvisit[1].txt
           C:\Documents and Settings\User\Cookies\[email protected][4].txt
           C:\Documents and Settings\User\Cookies\[email protected][1].txt
           a.ads2.msads.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           adbureau.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           ads1.msn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           ads2.msads.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           ads2.msn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           b.ads2.msads.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           bannerfarm.ace.advertising.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           bbca.channelfinder.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           cdn2.invitemedia.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           cdn4.specificclick.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           content.yieldmanager.edgesuite.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           convoad.technoratimedia.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           core.insightexpressai.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           ds.serving-sys.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           ec.atdmt.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           googleads.g.doubleclick.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           ia.media-imdb.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           insight.randomhouse.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           interclick.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           m1.2mdn.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           macromedia.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media-cdn.pictela.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media-macys2.pictela.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media-mars.pictela.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.jambocast.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.mtvnservices.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.mtvu.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.nbcsandiego.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.onsugar.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.podaddies.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.resulthost.org [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.scanscout.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.tattomedia.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media.thewb.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media01.kyte.tv [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media1.break.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           media10.washingtonpost.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           mediaforgews.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           msnbcmedia.msn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           msntest.serving-sys.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           naiadsystems.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           objects.tremormedia.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           opti.21mediaentertainment.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           richmedia247.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           s0.2mdn.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           sb3nru46o30.members.idols69.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           secure-uk.imrworldwide.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           secure-us.imrworldwide.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           serving-sys.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           spe.atdmt.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           static.2mdn.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           tour.pornclassics.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           udn.specificclick.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           www.classicpornlinks.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           www.crackle.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           www.media.christian-bale.org [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           www.naiadsystems.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           www.porn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           www.pornhub.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           www.theclassicporn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           www.ziporn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           wwwstatic.megaporn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           yieldmanager.edgesuite.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KX8GGUV9 ]
           .a1.interclick.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adcentriconline.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adinterax.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adinterax.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adlegend.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adopt.specificclick.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.mediamayhemcorp.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.mediamayhemcorp.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.mediamayhemcorp.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.mediamayhemcorp.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.pointroll.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.pointroll.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.pointroll.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.pointroll.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.pointroll.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ads.pointroll.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adserv.brandaffinity.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adserver.adtechus.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .adserving.cpxinteractive.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .*adult URL* [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .amazonservices.122.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .apmebf.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .asiafriendfinder.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .asiafriendfinder.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .asiafriendfinder.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .at.atwola.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .bellglobemediapublishing.122.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .bonniercorp.122.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .buycom.122.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .californiastateautomobileassociation.1 12.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .caselaw.lp.findlaw.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .cbs.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .cbsdigitalmedia.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .cengagelearning.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .cgm.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .chicagosuntimes.122.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .clicks.adengage.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .clickshift.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .collective-media.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .dc.tremormedia.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .dmtracker.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .dtag.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .eas.apm.emediate.eu [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .eas.apm.emediate.eu [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .edge.ru4.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .electronicarts.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .elitefitness.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .eyewonder.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .findarticles.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .findarticles.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .findarticles.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .findinternettv.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .gsicace.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .hearstmagazines.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .hornymatches.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .hornystyle.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .iacas-s.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .iacas.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .iacas.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .iacas.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .iacas.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .iacsb1.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .imediac.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .imediac.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .imediaconnection.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .imediaconnection.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .imrworldwide.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .imrworldwide.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .insightexpressai.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .interclick.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .interclick.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .invitemedia.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .invitemedia.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .invitemedia.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .invitemedia.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .kontera.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .likecrack.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .link.mercent.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .linksynergy.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .linksynergy.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .linksynergy.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .media.legacy.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .media.mtvnservices.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .msnaccountservices.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .msnbc.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .network.realmedia.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .nextag.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .nextag.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .nextag.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .nextag.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .pornoinside.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .*censored*.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .qnsr.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .rotator.adjuggler.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .rotator.adjuggler.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .rotator.adjuggler.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .s.clickability.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .s.clickability.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .safeway.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .sfadvertiser.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .singletracks.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .singletracks.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .sixapart.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .sixapart.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .sixpackabsexercises.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .sparknetworks.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .statcounter.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .statcounter.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .statcounter.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .statcounter.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .thebestporn.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .thefind.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .thefind.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .torontoseeker.com [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .trinitymirror.112.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .ussearch.122.2o7.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .viacom.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .viacom.adbureau.net [ C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\cookies.sqlite ]
           .viacom.adbureau.net [

        miolner1

          Topic Starter


          Rookie

          Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
          « Reply #4 on: September 07, 2010, 05:36:12 PM »
          and last but not least :

          Results of screen317's Security Check version 0.99.5 
           Windows XP Service Pack 3 
           Internet Explorer 8 
           Error creating install.txt after 3 tries! Trying alternate method...
           Error creating Process List-- tell your Helper
          ``````````````````````````````
          Antivirus/Firewall Check:

           Windows Firewall Enabled! 
          ```````````````````````````````
          Anti-malware/Other Utilities Check:

          ````````````````````````````````
          Process Check: 
          objlist.exe by Laurent

          ````````````````````````````````
          DNS Vulnerability Check:

           GREAT! (Not vulnerable to DNS cache poisoning)

          ``````````End of Log````````````

          SuperDave

          • Malware Removal Specialist
          • Moderator


          • Genius
          • Thanked: 1020
          • Certifications: List
          • Experience: Expert
          • OS: Windows 10
          Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
          « Reply #5 on: September 07, 2010, 05:58:59 PM »
          Did you update your AV program as instructed?

          Download ComboFix by sUBs from one of the below links. 

          Important! You MUST save ComboFix to your desktop

          link # 1
          Link # 2

          Temporarily disable your Anti-virus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

          Double click on ComboFix.exe & follow the prompts.

          Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)

          Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

          When the scan completes it will open a text window.
           
          Post the contents of that log in your next reply.

          Remember to re-enable your Anti-virus and Antispyware protection when ComboFix is complete.
          Windows 8 and Windows 10 dual boot with two SSD's

          miolner1

            Topic Starter


            Rookie

            Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
            « Reply #6 on: September 08, 2010, 12:12:41 PM »
            SuperD, I went ahead and updated my virus protection for AVG....also this is the log from combofix......how does it look now?

            ComboFix 10-09-07.03 - User 09/08/2010  11:16:34.1.1 - x86
            Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1014.241 [GMT -7:00]
            Running from: c:\documents and settings\User\My Documents\Downloads\ComboFix.exe
            AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
            .

            (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
            .

            c:\documents and settings\User\Recent\Thumbs.db
            C:\LOG190.tmp
            C:\LOG611.tmp
            C:\LOGDA.tmp
            C:\LOGDF.tmp
            C:\LOGE1.tmp
            c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
            c:\windows\jestertb.dll

            .
            (((((((((((((((((((((((((   Files Created from 2010-08-08 to 2010-09-08  )))))))))))))))))))))))))))))))
            .

            2010-09-07 23:48 . 2010-09-07 23:48   --------   d-----w-   c:\documents and settings\LocalService\Application Data\McAfee
            2010-09-07 03:49 . 2010-04-29 22:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
            2010-09-07 03:49 . 2010-04-29 22:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
            2010-09-07 03:49 . 2010-09-07 03:49   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
            2010-09-07 01:10 . 2010-09-07 01:10   63488   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
            2010-09-07 01:10 . 2010-09-07 01:10   52224   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
            2010-09-07 01:10 . 2010-09-07 01:10   117760   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
            2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com
            2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
            2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\program files\SUPERAntiSpyware
            2010-08-25 04:31 . 2010-08-25 04:31   --------   d-----w-   c:\documents and settings\NetworkService\Local Settings\Application Data\Google
            2010-08-25 04:30 . 2010-08-25 04:30   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
            2010-08-25 04:30 . 2010-09-07 23:14   --------   d-----w-   c:\documents and settings\User\Application Data\skypePM
            2010-08-25 04:26 . 2010-09-08 06:47   --------   d-----w-   c:\documents and settings\User\Application Data\Skype
            2010-08-25 04:26 . 2010-09-08 00:28   --------   d-----w-   c:\documents and settings\LocalService\Local Settings\Application Data\Google
            2010-08-25 04:26 . 2010-08-25 04:28   --------   d-----w-   c:\documents and settings\User\Local Settings\Application Data\Temp
            2010-08-25 04:25 . 2010-08-25 04:25   --------   d-----w-   c:\program files\Common Files\Skype
            2010-08-25 04:25 . 2010-08-25 04:26   --------   d-----r-   c:\program files\Skype
            2010-08-25 04:25 . 2010-08-25 04:25   --------   d-----w-   c:\documents and settings\All Users\Application Data\Skype
            2010-08-12 07:04 . 2010-08-12 07:07   --------   d-----w-   C:\2c2772b9e2d7dcf05a4252b8ab

            .
            ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            2010-09-07 23:26 . 2001-01-31 21:18   --------   d-----w-   c:\program files\McAfee Security Scan
            2010-09-07 03:28 . 2008-08-03 02:22   --------   d-----w-   c:\documents and settings\User\Application Data\Comodo
            2010-09-07 03:28 . 2008-08-03 02:22   --------   d-----w-   c:\program files\COMODO
            2010-08-25 04:31 . 2004-11-21 02:35   --------   d-----w-   c:\program files\Google
            2010-08-23 05:46 . 2008-08-03 02:13   --------   d-----w-   c:\documents and settings\All Users\Application Data\avg8
            2010-08-21 01:11 . 2008-08-02 20:40   42816   ----a-w-   c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
            2010-07-31 05:47 . 2010-07-31 05:47   --------   d-----w-   c:\program files\Microsoft CAPICOM 2.1.0.2
            2010-06-30 12:31 . 2004-11-21 00:04   149504   ----a-w-   c:\windows\system32\schannel.dll
            2010-06-24 12:22 . 2004-11-21 00:04   916480   ----a-w-   c:\windows\system32\wininet.dll
            2010-06-23 13:44 . 2004-11-21 00:04   1851904   ----a-w-   c:\windows\system32\win32k.sys
            2010-06-21 15:27 . 2004-11-21 00:04   354304   ----a-w-   c:\windows\system32\drivers\srv.sys
            2010-06-17 14:03 . 2004-11-21 00:04   80384   ----a-w-   c:\windows\system32\iccvid.dll
            2010-06-14 14:31 . 2004-11-21 01:19   744448   ----a-w-   c:\windows\pchealth\helpctr\binaries\helpsvc.exe
            2010-06-14 07:41 . 2004-11-21 00:04   1172480   ----a-w-   c:\windows\system32\msxml3.dll
            .

            (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            .
            *Note* empty entries & legit default entries are not shown
            REGEDIT4

            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
            "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

            [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
            "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

            [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
            "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

            [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
            "Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-31 4670704]
            "AOL Fast Start"="c:\program files\AOL 9.1\AOL.EXE" [2008-06-03 50528]
            "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]

            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2001-02-18 2048352]
            "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-11-06 5406720]
            "YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
            "Netscape"="c:\program files\Common Files\ISPCOMP\InstallService.exe" [2005-09-07 173568]
            "HostManager"="c:\program files\Common Files\AOL\1217722696\ee\AOLSoftware.exe" [2007-05-25 42032]

            c:\documents and settings\All Users\Start Menu\Programs\Startup\
            McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

            [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
            "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

            [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
            2009-09-03 22:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL

            [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
            2001-01-02 16:08   11952   ----a-w-   c:\windows\system32\avgrsstx.dll

            [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
            2004-10-27 23:40   73728   ----a-w-   c:\windows\system32\VESWinlogon.dll

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
            2004-10-14 00:00   57344   -c--a-w-   c:\windows\ALCMTR.EXE

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
            2008-06-03 05:35   50528   ----a-w-   c:\program files\AOL 9.1\aol.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
            2006-10-23 12:50   71216   ----a-r-   c:\program files\Common Files\AOL\ACS\AOLDial.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
            2003-11-08 00:21   114688   -c--a-w-   c:\program files\Apoint\Apoint.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO SafeSurf]
            2008-08-03 02:23   278264   -c--a-w-   c:\program files\COMODO\SafeSurf\cssurf.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD_Reminder]
            2004-07-16 19:17   53248   -c--a-w-   c:\windows\SONYSYS\VAIO Recovery\Reminder.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
            2008-04-14 00:12   15360   ----a-w-   c:\windows\system32\ctfmon.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
            2007-04-09 19:32   19456   -c--a-w-   c:\windows\system32\CtHelper.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
            2007-04-09 19:32   19968   -c--a-w-   c:\windows\system32\Ctxfihlp.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
            2007-05-25 17:16   42032   ----a-w-   c:\program files\Common Files\AOL\1217722696\ee\aolsoftware.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
            2004-10-08 15:27   126976   -c--a-w-   c:\windows\system32\hkcmd.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
            2004-10-08 15:31   155648   -c--a-w-   c:\windows\system32\igfxtray.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
            2004-02-20 22:12   32768   -c--a-w-   c:\program files\Sony\ISB Utility\ISBMgr.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
            2004-11-06 05:05   5406720   ----a-w-   c:\windows\system32\nvcpl.dll

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
            2007-09-04 21:52   54576   -c--a-w-   c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
            2008-08-02 20:50   26112   ----a-w-   c:\program files\Real\RealPlayer\realplay.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
            2007-04-09 19:19   28672   -c--a-w-   c:\windows\system32\MIDIDEF.EXE

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonyPowerCfg]
            2004-10-22 03:12   184320   ----a-w-   c:\program files\Sony\VAIO Power Management\SPMgr.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Switcher.exe]
            2004-10-26 06:20   167936   ----a-w-   c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Recovery]
            2003-04-20 05:08   28672   -c--a-w-   c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]
            2004-09-22 02:54   151552   ----a-w-   c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe

            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
            2007-08-31 01:43   4670704   ----a-w-   c:\program files\Yahoo!\Messenger\YahooMessenger.exe

            [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
            "%windir%\\system32\\sessmgr.exe"=
            "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
            "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
            "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
            "c:\\Program Files\\America Online 9.0\\waol.exe"=
            "c:\\Program Files\\Common Files\\AOL\\1217722696\\ee\\aolsoftware.exe"=
            "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
            "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
            "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
            "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
            "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
            "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
            "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
            "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
            "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
            "c:\\Program Files\\AOL 9.1\\waol.exe"=
            "c:\\Documents and Settings\\User\\My Documents\\Downloads\\SweetImSetup.exe"=
            "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
            "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

            R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/2/2008 7:13 PM 335240]
            R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/2/2008 7:13 PM 108552]
            R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
            R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]
            R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/2/2008 7:13 PM 908056]
            R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/2/2008 7:13 PM 297752]
            S2 dkohxnk;Update Universal;c:\windows\system32\svchost.exe -k netsvcs [11/20/2004 5:04 PM 14336]
            S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/24/2010 9:26 PM 136176]
            S2 rvjuka;System Windows;c:\windows\system32\svchost.exe -k netsvcs [11/20/2004 5:04 PM 14336]
            S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 5:49 AM 227232]

            HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
            dkohxnk
            rvjuka
            .
            Contents of the 'Scheduled Tasks' folder

            2010-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
            - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:26]

            2010-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
            - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:26]
            .
            .
            ------- Supplementary Scan -------
            .
            uStart Page = home.netscape.com
            mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
            uInternet Settings,ProxyOverride = <local>
            uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
            IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
            IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
            IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
            IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
            IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
            IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
            FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\
            FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
            FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
            FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava11.dll
            FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava12.dll
            FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava13.dll
            FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava14.dll
            FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava32.dll
            FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJPI150.dll
            FF - plugin: c:\program files\Java\jre1.5.0\bin\NPOJI610.dll
            FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

            ---- FIREFOX POLICIES ----
            c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
            c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
            .
            - - - - ORPHANS REMOVED - - - -

            HKLM-Run-NetscapeClient - (no file)
            MSConfigStartUp-COMODO Firewall Pro - c:\program files\COMODO\Firewall\cfp.exe
            MSConfigStartUp-Mouse Suite 98 Daemon - ICO.EXE
            MSConfigStartUp-MSMSGS - c:\program files\Messenger\msmsgs.exe
            MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\qttask.exe
            AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003 - c:\program files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_20030003



            **************************************************************************

            catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
            Rootkit scan 2010-09-08 11:24
            Windows 5.1.2600 Service Pack 3 NTFS

            scanning hidden processes ... 

            scanning hidden autostart entries ...

            scanning hidden files ... 

            scan completed successfully
            hidden files: 0

            **************************************************************************

            [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dkohxnk]
            "ServiceDll"="c:\windows\system32\zkfibbc.dll"
            --

            SuperDave

            • Malware Removal Specialist
            • Moderator


            • Genius
            • Thanked: 1020
            • Certifications: List
            • Experience: Expert
            • OS: Windows 10
            Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
            « Reply #7 on: September 08, 2010, 05:17:52 PM »
            You have Viewpoint installed.

            Viewpoint Media Player/Manager/Toolbar is considered as Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".

            More information:

            * ViewMgr.exe - Useless
            * Viewpoint to Plunge Into Adware

            It is suggested to remove the program now. Go to Start > Control Panel > Add/Remove Programs - (Vista & Win7 is Programs and Features) and remove the following programs if present.

            * Viewpoint
            * Viewpoint Manager
            * Viewpoint Media Player
            * Viewpoint Toolbar
            * Viewpoint Experience Technology


            *********************************

            This does not appear to be the full log for ComboFix. Could you please run it again and post the log.
            Windows 8 and Windows 10 dual boot with two SSD's

            miolner1

              Topic Starter


              Rookie

              Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
              « Reply #8 on: September 08, 2010, 06:03:13 PM »
              This is the most recent combofix log :

              ComboFix 10-09-08.01 - User 09/08/2010  17:14:28.2.1 - x86
              Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1014.417 [GMT -7:00]
              Running from: c:\documents and settings\User\Desktop\ComboFix.exe
              AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
              .

              (((((((((((((((((((((((((   Files Created from 2010-08-09 to 2010-09-09  )))))))))))))))))))))))))))))))
              .

              2010-09-07 23:48 . 2010-09-07 23:48   --------   d-----w-   c:\documents and settings\LocalService\Application Data\McAfee
              2010-09-07 03:49 . 2010-04-29 22:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
              2010-09-07 03:49 . 2010-04-29 22:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
              2010-09-07 03:49 . 2010-09-07 03:49   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
              2010-09-07 01:10 . 2010-09-07 01:10   63488   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
              2010-09-07 01:10 . 2010-09-07 01:10   52224   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
              2010-09-07 01:10 . 2010-09-07 01:10   117760   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
              2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com
              2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
              2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\program files\SUPERAntiSpyware
              2010-08-25 04:31 . 2010-08-25 04:31   --------   d-----w-   c:\documents and settings\NetworkService\Local Settings\Application Data\Google
              2010-08-25 04:30 . 2010-08-25 04:30   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
              2010-08-25 04:30 . 2010-09-07 23:14   --------   d-----w-   c:\documents and settings\User\Application Data\skypePM
              2010-08-25 04:26 . 2010-09-08 06:47   --------   d-----w-   c:\documents and settings\User\Application Data\Skype
              2010-08-25 04:26 . 2010-09-08 00:28   --------   d-----w-   c:\documents and settings\LocalService\Local Settings\Application Data\Google
              2010-08-25 04:26 . 2010-08-25 04:28   --------   d-----w-   c:\documents and settings\User\Local Settings\Application Data\Temp
              2010-08-25 04:25 . 2010-08-25 04:25   --------   d-----w-   c:\program files\Common Files\Skype
              2010-08-25 04:25 . 2010-08-25 04:26   --------   d-----r-   c:\program files\Skype
              2010-08-25 04:25 . 2010-08-25 04:25   --------   d-----w-   c:\documents and settings\All Users\Application Data\Skype
              2010-08-12 07:04 . 2010-08-12 07:07   --------   d-----w-   C:\2c2772b9e2d7dcf05a4252b8ab

              .
              ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2010-09-09 00:12 . 2010-09-09 00:12   --------   d-----w-   c:\program files\MetaStream
              2010-09-07 23:26 . 2001-01-31 21:18   --------   d-----w-   c:\program files\McAfee Security Scan
              2010-09-07 03:28 . 2008-08-03 02:22   --------   d-----w-   c:\documents and settings\User\Application Data\Comodo
              2010-09-07 03:28 . 2008-08-03 02:22   --------   d-----w-   c:\program files\COMODO
              2010-08-25 04:31 . 2004-11-21 02:35   --------   d-----w-   c:\program files\Google
              2010-08-23 05:46 . 2008-08-03 02:13   --------   d-----w-   c:\documents and settings\All Users\Application Data\avg8
              2010-08-21 01:11 . 2008-08-02 20:40   42816   ----a-w-   c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
              2010-07-31 05:47 . 2010-07-31 05:47   --------   d-----w-   c:\program files\Microsoft CAPICOM 2.1.0.2
              2010-06-30 12:31 . 2004-11-21 00:04   149504   ----a-w-   c:\windows\system32\schannel.dll
              2010-06-24 12:22 . 2004-11-21 00:04   916480   ----a-w-   c:\windows\system32\wininet.dll
              2010-06-23 13:44 . 2004-11-21 00:04   1851904   ----a-w-   c:\windows\system32\win32k.sys
              2010-06-21 15:27 . 2004-11-21 00:04   354304   ----a-w-   c:\windows\system32\drivers\srv.sys
              2010-06-17 14:03 . 2004-11-21 00:04   80384   ----a-w-   c:\windows\system32\iccvid.dll
              2010-06-14 14:31 . 2004-11-21 01:19   744448   ----a-w-   c:\windows\pchealth\helpctr\binaries\helpsvc.exe
              2010-06-14 07:41 . 2004-11-21 00:04   1172480   ----a-w-   c:\windows\system32\msxml3.dll
              .

              (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              *Note* empty entries & legit default entries are not shown
              REGEDIT4

              [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
              "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

              [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
              "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

              [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

              [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
              "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

              [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
              "Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-31 4670704]
              "AOL Fast Start"="c:\program files\AOL 9.1\AOL.EXE" [2008-06-03 50528]
              "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2001-02-18 2048352]
              "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-11-06 5406720]
              "YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
              "Netscape"="c:\program files\Common Files\ISPCOMP\InstallService.exe" [2005-09-07 173568]
              "HostManager"="c:\program files\Common Files\AOL\1217722696\ee\AOLSoftware.exe" [2007-05-25 42032]

              c:\documents and settings\All Users\Start Menu\Programs\Startup\
              McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

              [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
              "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
              2009-09-03 22:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL

              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
              2001-01-02 16:08   11952   ----a-w-   c:\windows\system32\avgrsstx.dll

              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
              2004-10-27 23:40   73728   ----a-w-   c:\windows\system32\VESWinlogon.dll

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
              2004-10-14 00:00   57344   -c--a-w-   c:\windows\ALCMTR.EXE

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
              2008-06-03 05:35   50528   ----a-w-   c:\program files\AOL 9.1\aol.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
              2006-10-23 12:50   71216   ----a-r-   c:\program files\Common Files\AOL\ACS\AOLDial.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
              2003-11-08 00:21   114688   -c--a-w-   c:\program files\Apoint\Apoint.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO SafeSurf]
              2008-08-03 02:23   278264   -c--a-w-   c:\program files\COMODO\SafeSurf\cssurf.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD_Reminder]
              2004-07-16 19:17   53248   -c--a-w-   c:\windows\SONYSYS\VAIO Recovery\Reminder.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
              2008-04-14 00:12   15360   ----a-w-   c:\windows\system32\ctfmon.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
              2007-04-09 19:32   19456   -c--a-w-   c:\windows\system32\CtHelper.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
              2007-04-09 19:32   19968   -c--a-w-   c:\windows\system32\Ctxfihlp.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
              2007-05-25 17:16   42032   ----a-w-   c:\program files\Common Files\AOL\1217722696\ee\aolsoftware.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
              2004-10-08 15:27   126976   -c--a-w-   c:\windows\system32\hkcmd.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
              2004-10-08 15:31   155648   -c--a-w-   c:\windows\system32\igfxtray.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
              2004-02-20 22:12   32768   -c--a-w-   c:\program files\Sony\ISB Utility\ISBMgr.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
              2004-11-06 05:05   5406720   ----a-w-   c:\windows\system32\nvcpl.dll

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
              2007-09-04 21:52   54576   -c--a-w-   c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
              2008-08-02 20:50   26112   ----a-w-   c:\program files\Real\RealPlayer\realplay.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
              2007-04-09 19:19   28672   -c--a-w-   c:\windows\system32\MIDIDEF.EXE

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonyPowerCfg]
              2004-10-22 03:12   184320   ----a-w-   c:\program files\Sony\VAIO Power Management\SPMgr.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Switcher.exe]
              2004-10-26 06:20   167936   ----a-w-   c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Recovery]
              2003-04-20 05:08   28672   -c--a-w-   c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]
              2004-09-22 02:54   151552   ----a-w-   c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
              2007-08-31 01:43   4670704   ----a-w-   c:\program files\Yahoo!\Messenger\YahooMessenger.exe

              [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
              "%windir%\\system32\\sessmgr.exe"=
              "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
              "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
              "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
              "c:\\Program Files\\America Online 9.0\\waol.exe"=
              "c:\\Program Files\\Common Files\\AOL\\1217722696\\ee\\aolsoftware.exe"=
              "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
              "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
              "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
              "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
              "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
              "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
              "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
              "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
              "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
              "c:\\Program Files\\AOL 9.1\\waol.exe"=
              "c:\\Documents and Settings\\User\\My Documents\\Downloads\\SweetImSetup.exe"=
              "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
              "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

              R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/2/2008 7:13 PM 335240]
              R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/2/2008 7:13 PM 108552]
              R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
              R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]
              R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/2/2008 7:13 PM 908056]
              R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/2/2008 7:13 PM 297752]
              S2 dkohxnk;Update Universal;c:\windows\system32\svchost.exe -k netsvcs [11/20/2004 5:04 PM 14336]
              S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/24/2010 9:26 PM 136176]
              S2 rvjuka;System Windows;c:\windows\system32\svchost.exe -k netsvcs [11/20/2004 5:04 PM 14336]
              S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 5:49 AM 227232]

              HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
              dkohxnk
              rvjuka
              .
              Contents of the 'Scheduled Tasks' folder

              2010-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
              - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:26]

              2010-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
              - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:26]
              .
              .
              ------- Supplementary Scan -------
              .
              uStart Page = home.netscape.com
              mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
              uInternet Settings,ProxyOverride = <local>
              uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
              IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
              IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
              IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
              IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
              IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
              IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
              FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\
              FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
              FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
              FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava11.dll
              FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava12.dll
              FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava13.dll
              FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava14.dll
              FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava32.dll
              FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJPI150.dll
              FF - plugin: c:\program files\Java\jre1.5.0\bin\NPOJI610.dll

              ---- FIREFOX POLICIES ----
              c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
              c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
              .
              .
              ------- File Associations -------
              .
              .scr=REG_SZ         
              .

              **************************************************************************

              catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
              Rootkit scan 2010-09-08 17:20
              Windows 5.1.2600 Service Pack 3 NTFS

              scanning hidden processes ... 

              scanning hidden autostart entries ...

              scanning hidden files ... 

              scan completed successfully
              hidden files: 0

              **************************************************************************

              [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dkohxnk]
              "ServiceDll"="c:\windows\system32\zkfibbc.dll"
              --

              [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rvjuka]
              "ServiceDll"="c:\windows\system32\zkfibbc.dll"
              .
              --------------------- DLLs Loaded Under Running Processes ---------------------

              - - - - - - - > 'winlogon.exe'(864)
              c:\program files\SUPERAntiSpyware\SASWINLO.DLL
              c:\windows\system32\WININET.dll
              c:\windows\system32\VESWinlogon.dll

              - - - - - - - > 'explorer.exe'(2800)
              c:\windows\system32\WININET.dll
              c:\program files\Microsoft Office\OFFICE11\msohev.dll
              c:\windows\system32\ieframe.dll
              c:\windows\system32\webcheck.dll
              .
              Completion time: 2010-09-08  17:22:56
              ComboFix-quarantined-files.txt  2010-09-09 00:22
              ComboFix2.txt  2010-09-08 18:27

              Pre-Run: 43,316,379,648 bytes free
              Post-Run: 43,323,912,192 bytes free

              - - End Of File - - 0B216D6F8340B641DA9DBAE06C76C18B

              SuperDave

              • Malware Removal Specialist
              • Moderator


              • Genius
              • Thanked: 1020
              • Certifications: List
              • Experience: Expert
              • OS: Windows 10
              Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
              « Reply #9 on: September 09, 2010, 01:02:26 PM »
              * Download the following tool: RootRepeal - Rootkit Detector
              * Direct download link is here: RootRepeal.zip

              * Close all programs and temporarily disable your anti-virus, Firewall and any anti-malware real-time protection before performing a scan.
              * Click this link to see a list of such programs and how to disable them.

              * Extract the program file to a new folder such as C:\RootRepeal
              * Run the program RootRepeal.exe and go to the REPORT tab and click on the Scan button.
              * Select ALL of the checkboxes and then click OK and it will start scanning your system.
              * If you have multiple drives you only need to check the C: drive or the one Windows is installed on.
              * When done, click on Save Report
              * Save it to the same location where you ran it from, such as C:RootRepeal
              * Save it as rootrepeal.txt
              * Then open that log and select all and copy/paste it back on your next reply please.
              * Close RootRepeal.
              Windows 8 and Windows 10 dual boot with two SSD's

              miolner1

                Topic Starter


                Rookie

                Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
                « Reply #10 on: September 10, 2010, 01:55:50 PM »
                Dave, here is the Rootrepeal log as requested:


                ROOTREPEAL (c) AD, 2007-2009
                ==================================================
                Scan Start Time:      2010/09/10 12:59
                Program Version:      Version 1.3.5.0
                Windows Version:      Windows XP SP3
                ==================================================

                Drivers
                -------------------
                Name: catchme.sys
                Image Path: C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys
                Address: 0xF7A24000   Size: 31744   File Visible: No   Signed: -
                Status: -

                Name: dump_atapi.sys
                Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
                Address: 0xA9BFE000   Size: 98304   File Visible: No   Signed: -
                Status: -

                Name: dump_WMILIB.SYS
                Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
                Address: 0xF7BCC000   Size: 8192   File Visible: No   Signed: -
                Status: -

                Name: mbr.sys
                Image Path: C:\DOCUME~1\User\LOCALS~1\Temp\mbr.sys
                Address: 0xF7924000   Size: 20864   File Visible: No   Signed: -
                Status: -

                Name: PROCEXP113.SYS
                Image Path: C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
                Address: 0xF7BF4000   Size: 7872   File Visible: No   Signed: -
                Status: -

                Name: rootrepeal.sys
                Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
                Address: 0xA9C87000   Size: 49152   File Visible: No   Signed: -
                Status: -

                Hidden/Locked Files
                -------------------
                Path: C:\hiberfil.sys
                Status: Locked to the Windows API!

                Path: c:\vetlog.txt
                Status: Size mismatch (API: 3459032, Raw: 3456235)

                Path: c:\windows\temp\11521233-e01b-42e5-b421-00dfffd94be2.tmp
                Status: Allocation size mismatch (API: 65536, Raw: 0)

                Path: c:\documents and settings\all users\application data\aol\c_aol 9.1\shellmon.ph
                Status: Size mismatch (API: 5220, Raw: 3023)

                Hidden Services
                -------------------
                Service Name: dkohxnk
                Image Path: %SystemRoot%\system32\svchost.exe -k netsvcs

                Service Name: rvjuka
                Image Path: %SystemRoot%\system32\svchost.exe -k netsvcs

                ==EOF==

                SuperDave

                • Malware Removal Specialist
                • Moderator


                • Genius
                • Thanked: 1020
                • Certifications: List
                • Experience: Expert
                • OS: Windows 10
                Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
                « Reply #11 on: September 10, 2010, 03:52:01 PM »
                Re-running ComboFix to remove infections:

                • Close any open browsers.
                • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
                • Open notepad and copy/paste the text in the quotebox below into it:
                  Quote
                  KillAll::

                  File::
                  c:\windows\temp\11521233-e01b-42e5-b421-00dfffd94be2.tmp

                  NetSvc::
                  dkohxnk
                  rvjuka

                  Driver::
                  dkohxnk
                  rvjuka

                  File::
                  c:\windows\system32\zkfibbc.dll

                  Registry::
                  [-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dkohxnk]
                  [-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rvjuka]

                • Save this as CFScript.txt, in the same location as ComboFix.exe



                • Referring to the picture above, drag CFScript into ComboFix.exe
                • When finished, it shall produce a log for you at C:\ComboFix.txt
                • Please post the contents of the log in your next reply.
                Windows 8 and Windows 10 dual boot with two SSD's

                miolner1

                  Topic Starter


                  Rookie

                  Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
                  « Reply #12 on: September 10, 2010, 11:14:18 PM »
                  The latest combofix log for you Dave:

                  ComboFix 10-09-08.01 - User 09/10/2010  22:05:34.3.1 - x86
                  Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1014.507 [GMT -7:00]
                  Running from: c:\documents and settings\User\Desktop\ComboFix.exe
                  Command switches used :: c:\documents and settings\User\Desktop\cfscript.txt
                  AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

                  FILE ::
                  "c:\windows\system32\zkfibbc.dll"
                  "c:\windows\temp\11521233-e01b-42e5-b421-00dfffd94be2.tmp"
                  .

                  (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
                  .

                  .
                  (((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
                  .

                  -------\Legacy_DKOHXNK
                  -------\Legacy_RVJUKA
                  -------\Service_dkohxnk
                  -------\Service_rvjuka


                  (((((((((((((((((((((((((   Files Created from 2010-08-11 to 2010-09-11  )))))))))))))))))))))))))))))))
                  .

                  2010-09-10 19:58 . 2010-09-10 19:58   0   ----a-w-   c:\documents and settings\User\settings.dat
                  2010-09-09 21:55 . 2009-10-07 08:47   266008   ----a-r-   c:\windows\system32\drivers\lvrs.sys
                  2010-09-09 21:55 . 2009-10-07 08:24   34068   ----a-r-   c:\windows\system32\Repository.reg
                  2010-09-09 21:55 . 2009-10-07 08:48   539160   ----a-r-   c:\windows\system32\LVUI2RC.dll
                  2010-09-09 21:55 . 2009-10-07 08:48   539160   ----a-r-   c:\windows\system32\LVUI2.dll
                  2010-09-09 21:55 . 2009-10-07 08:43   199192   ----a-r-   c:\windows\system32\lvci12101110.dll
                  2010-09-09 21:55 . 2009-10-07 08:43   416280   ----a-r-   c:\windows\system32\lvcodec2.dll
                  2010-09-09 21:55 . 2009-10-07 08:49   6756632   ----a-r-   c:\windows\system32\drivers\lvuvc.sys
                  2010-09-09 21:41 . 2010-09-09 21:41   --------   d-----w-   c:\documents and settings\User\Local Settings\Application Data\LogiShrd
                  2010-09-09 21:39 . 2009-10-07 08:49   23832   ----a-r-   c:\windows\system32\drivers\lvuvcflt.sys
                  2010-09-09 21:39 . 2010-09-09 21:40   --------   dc----w-   c:\windows\system32\DRVSTORE
                  2010-09-09 21:37 . 2010-09-09 21:55   --------   d-----w-   c:\program files\Common Files\LogiShrd
                  2010-09-09 21:37 . 2010-09-10 22:29   --------   d-----w-   c:\documents and settings\All Users\Application Data\LogiShrd
                  2010-09-09 21:37 . 2010-09-09 21:41   --------   d-----w-   c:\program files\Logitech
                  2010-09-09 21:37 . 2008-04-13 18:39   5504   -c--a-w-   c:\windows\system32\dllcache\mstee.sys
                  2010-09-09 21:37 . 2008-04-13 18:39   5504   ----a-w-   c:\windows\system32\drivers\MSTEE.sys
                  2010-09-09 21:37 . 2008-04-13 18:46   10880   -c--a-w-   c:\windows\system32\dllcache\ndisip.sys
                  2010-09-09 21:37 . 2008-04-13 18:46   10880   ----a-w-   c:\windows\system32\drivers\NdisIP.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   15232   -c--a-w-   c:\windows\system32\dllcache\streamip.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   15232   ----a-w-   c:\windows\system32\drivers\StreamIP.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   11136   -c--a-w-   c:\windows\system32\dllcache\slip.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   11136   ----a-w-   c:\windows\system32\drivers\SLIP.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   19200   -c--a-w-   c:\windows\system32\dllcache\wstcodec.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   19200   ----a-w-   c:\windows\system32\drivers\WSTCODEC.SYS
                  2010-09-09 21:36 . 2008-04-13 18:46   85248   -c--a-w-   c:\windows\system32\dllcache\nabtsfec.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   85248   ----a-w-   c:\windows\system32\drivers\NABTSFEC.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   17024   -c--a-w-   c:\windows\system32\dllcache\ccdecode.sys
                  2010-09-09 21:36 . 2008-04-13 18:46   17024   ----a-w-   c:\windows\system32\drivers\CCDECODE.sys
                  2010-09-09 21:36 . 2008-04-13 18:45   60032   -c--a-w-   c:\windows\system32\dllcache\usbaudio.sys
                  2010-09-09 21:36 . 2008-04-13 18:45   60032   ----a-w-   c:\windows\system32\drivers\USBAUDIO.sys
                  2010-09-09 21:35 . 2008-04-14 00:12   53760   -c--a-w-   c:\windows\system32\dllcache\vfwwdm32.dll
                  2010-09-09 21:35 . 2008-04-14 00:12   53760   ----a-w-   c:\windows\system32\vfwwdm32.dll
                  2010-09-09 21:35 . 2008-04-13 18:45   32128   -c--a-w-   c:\windows\system32\dllcache\usbccgp.sys
                  2010-09-09 21:35 . 2008-04-13 18:45   32128   ----a-w-   c:\windows\system32\drivers\usbccgp.sys
                  2010-09-09 00:12 . 2010-09-09 00:12   --------   d-----w-   c:\program files\MetaStream
                  2010-09-07 23:48 . 2010-09-07 23:48   --------   d-----w-   c:\documents and settings\LocalService\Application Data\McAfee
                  2010-09-07 03:49 . 2010-04-29 22:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
                  2010-09-07 03:49 . 2010-04-29 22:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
                  2010-09-07 03:49 . 2010-09-07 03:49   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
                  2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com
                  2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
                  2010-09-07 01:09 . 2010-09-07 01:09   --------   d-----w-   c:\program files\SUPERAntiSpyware
                  2010-08-25 04:31 . 2010-08-25 04:31   --------   d-----w-   c:\documents and settings\NetworkService\Local Settings\Application Data\Google
                  2010-08-25 04:30 . 2010-08-25 04:30   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
                  2010-08-25 04:30 . 2010-09-11 01:43   --------   d-----w-   c:\documents and settings\User\Application Data\skypePM
                  2010-08-25 04:26 . 2010-09-11 05:20   --------   d-----w-   c:\documents and settings\User\Application Data\Skype
                  2010-08-25 04:26 . 2010-09-08 00:28   --------   d-----w-   c:\documents and settings\LocalService\Local Settings\Application Data\Google
                  2010-08-25 04:26 . 2010-08-25 04:28   --------   d-----w-   c:\documents and settings\User\Local Settings\Application Data\Temp
                  2010-08-25 04:25 . 2010-08-25 04:25   --------   d-----w-   c:\program files\Common Files\Skype
                  2010-08-25 04:25 . 2010-08-25 04:26   --------   d-----r-   c:\program files\Skype
                  2010-08-25 04:25 . 2010-08-25 04:25   --------   d-----w-   c:\documents and settings\All Users\Application Data\Skype
                  2010-08-12 07:04 . 2010-08-12 07:07   --------   d-----w-   C:\2c2772b9e2d7dcf05a4252b8ab

                  .
                  ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2010-09-09 21:55 . 2010-09-09 21:55   0   ----a-w-   c:\windows\system32\drivers\lvuvc.hs
                  2010-09-09 21:55 . 2010-09-09 21:39   0   ----a-w-   c:\windows\system32\drivers\logiflt.iad
                  2010-09-07 23:26 . 2001-01-31 21:18   --------   d-----w-   c:\program files\McAfee Security Scan
                  2010-09-07 03:28 . 2008-08-03 02:22   --------   d-----w-   c:\documents and settings\User\Application Data\Comodo
                  2010-09-07 03:28 . 2008-08-03 02:22   --------   d-----w-   c:\program files\COMODO
                  2010-09-07 01:10 . 2010-09-07 01:10   63488   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
                  2010-09-07 01:10 . 2010-09-07 01:10   52224   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
                  2010-09-07 01:10 . 2010-09-07 01:10   117760   ----a-w-   c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
                  2010-08-25 04:31 . 2004-11-21 02:35   --------   d-----w-   c:\program files\Google
                  2010-08-23 05:46 . 2008-08-03 02:13   --------   d-----w-   c:\documents and settings\All Users\Application Data\avg8
                  2010-08-21 01:11 . 2008-08-02 20:40   42816   ----a-w-   c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
                  2010-07-31 05:47 . 2010-07-31 05:47   --------   d-----w-   c:\program files\Microsoft CAPICOM 2.1.0.2
                  2010-06-30 12:31 . 2004-11-21 00:04   149504   ----a-w-   c:\windows\system32\schannel.dll
                  2010-06-24 12:22 . 2004-11-21 00:04   916480   ----a-w-   c:\windows\system32\wininet.dll
                  2010-06-23 13:44 . 2004-11-21 00:04   1851904   ----a-w-   c:\windows\system32\win32k.sys
                  2010-06-21 15:27 . 2004-11-21 00:04   354304   ----a-w-   c:\windows\system32\drivers\srv.sys
                  2010-06-17 14:03 . 2004-11-21 00:04   80384   ----a-w-   c:\windows\system32\iccvid.dll
                  2010-06-15 00:23 . 2010-09-09 14:28   607472   ----a-w-   c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
                  2010-06-14 14:31 . 2004-11-21 01:19   744448   ----a-w-   c:\windows\pchealth\helpctr\binaries\helpsvc.exe
                  2010-06-14 07:41 . 2004-11-21 00:04   1172480   ----a-w-   c:\windows\system32\msxml3.dll
                  .

                  (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  *Note* empty entries & legit default entries are not shown
                  REGEDIT4

                  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
                  "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

                  [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
                  "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

                  [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

                  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
                  "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

                  [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
                  "Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-31 4670704]
                  "AOL Fast Start"="c:\program files\AOL 9.1\AOL.EXE" [2008-06-03 50528]
                  "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
                  "Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2001-02-18 2048352]
                  "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-11-06 5406720]
                  "YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
                  "Netscape"="c:\program files\Common Files\ISPCOMP\InstallService.exe" [2005-09-07 173568]
                  "HostManager"="c:\program files\Common Files\AOL\1217722696\ee\AOLSoftware.exe" [2007-05-25 42032]
                  "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]

                  c:\documents and settings\User\Start Menu\Programs\Startup\
                  Logitech . Product Registration.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384]

                  c:\documents and settings\All Users\Start Menu\Programs\Startup\
                  McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

                  [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
                  "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
                  2009-09-03 22:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
                  2001-01-02 16:08   11952   ----a-w-   c:\windows\system32\avgrsstx.dll

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
                  2004-10-27 23:40   73728   ----a-w-   c:\windows\system32\VESWinlogon.dll

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
                  2004-10-14 00:00   57344   -c--a-w-   c:\windows\ALCMTR.EXE

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
                  2008-06-03 05:35   50528   ----a-w-   c:\program files\AOL 9.1\aol.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
                  2006-10-23 12:50   71216   ----a-r-   c:\program files\Common Files\AOL\ACS\AOLDial.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
                  2003-11-08 00:21   114688   -c--a-w-   c:\program files\Apoint\Apoint.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO SafeSurf]
                  2008-08-03 02:23   278264   -c--a-w-   c:\program files\COMODO\SafeSurf\cssurf.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD_Reminder]
                  2004-07-16 19:17   53248   -c--a-w-   c:\windows\SONYSYS\VAIO Recovery\Reminder.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
                  2008-04-14 00:12   15360   ----a-w-   c:\windows\system32\ctfmon.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
                  2007-04-09 19:32   19456   -c--a-w-   c:\windows\system32\CtHelper.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
                  2007-04-09 19:32   19968   -c--a-w-   c:\windows\system32\Ctxfihlp.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
                  2007-05-25 17:16   42032   ----a-w-   c:\program files\Common Files\AOL\1217722696\ee\aolsoftware.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
                  2004-10-08 15:27   126976   -c--a-w-   c:\windows\system32\hkcmd.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
                  2004-10-08 15:31   155648   -c--a-w-   c:\windows\system32\igfxtray.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
                  2004-02-20 22:12   32768   -c--a-w-   c:\program files\Sony\ISB Utility\ISBMgr.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
                  2004-11-06 05:05   5406720   ----a-w-   c:\windows\system32\nvcpl.dll

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
                  2007-09-04 21:52   54576   -c--a-w-   c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
                  2008-08-02 20:50   26112   ----a-w-   c:\program files\Real\RealPlayer\realplay.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
                  2007-04-09 19:19   28672   -c--a-w-   c:\windows\system32\MIDIDEF.EXE

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonyPowerCfg]
                  2004-10-22 03:12   184320   ----a-w-   c:\program files\Sony\VAIO Power Management\SPMgr.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Switcher.exe]
                  2004-10-26 06:20   167936   ----a-w-   c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Recovery]
                  2003-04-20 05:08   28672   -c--a-w-   c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]
                  2004-09-22 02:54   151552   ----a-w-   c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
                  2007-08-31 01:43   4670704   ----a-w-   c:\program files\Yahoo!\Messenger\YahooMessenger.exe

                  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
                  "EnableFirewall"= 0 (0x0)

                  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
                  "%windir%\\system32\\sessmgr.exe"=
                  "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
                  "c:\\Program Files\\America Online 9.0\\waol.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\1217722696\\ee\\aolsoftware.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
                  "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
                  "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
                  "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
                  "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
                  "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
                  "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
                  "c:\\Program Files\\AOL 9.1\\waol.exe"=
                  "c:\\Documents and Settings\\User\\My Documents\\Downloads\\SweetImSetup.exe"=
                  "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
                  "c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
                  "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

                  R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/2/2008 7:13 PM 335240]
                  R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/2/2008 7:13 PM 108552]
                  R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
                  R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]
                  R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/2/2008 7:13 PM 908056]
                  R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/2/2008 7:13 PM 297752]
                  S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/24/2010 9:26 PM 136176]
                  S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 5:49 AM 227232]
                  .
                  Contents of the 'Scheduled Tasks' folder

                  2010-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                  - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:26]

                  2010-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                  - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:26]
                  .
                  .
                  ------- Supplementary Scan -------
                  .
                  uStart Page = home.netscape.com
                  mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
                  uInternet Settings,ProxyOverride = <local>
                  uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
                  IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
                  IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
                  IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
                  IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
                  IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
                  IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
                  FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\
                  FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
                  FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
                  FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava11.dll
                  FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava12.dll
                  FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava13.dll
                  FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava14.dll
                  FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava32.dll
                  FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJPI150.dll
                  FF - plugin: c:\program files\Java\jre1.5.0\bin\NPOJI610.dll

                  ---- FIREFOX POLICIES ----
                  c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
                  c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
                  .

                  **************************************************************************

                  catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                  Rootkit scan 2010-09-10 22:18
                  Windows 5.1.2600 Service Pack 3 NTFS

                  scanning hidden processes ... 

                  scanning hidden autostart entries ...

                  scanning hidden files ... 

                  scan completed successfully
                  hidden files: 0

                  **************************************************************************
                  .
                  --------------------- DLLs Loaded Under Running Processes ---------------------

                  - - - - - - - > 'winlogon.exe'(860)
                  c:\program files\SUPERAntiSpyware\SASWINLO.DLL
                  c:\windows\system32\WININET.dll
                  c:\windows\system32\VESWinlogon.dll

                  - - - - - - - > 'explorer.exe'(1956)
                  c:\windows\system32\WININET.dll
                  c:\windows\TEMP\logishrd\LVPrcInj01.dll
                  c:\program files\Microsoft Office\OFFICE11\msohev.dll
                  c:\windows\system32\ieframe.dll
                  c:\windows\system32\webcheck.dll
                  .
                  ------------------------ Other Running Processes ------------------------
                  .
                  c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
                  c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
                  c:\program files\Common Files\Motive\McciCMService.exe
                  c:\program files\Intel\Wireless\Bin\RegSrvc.exe
                  c:\progra~1\AVG\AVG8\avgrsx.exe
                  c:\progra~1\AVG\AVG8\avgnsx.exe
                  c:\windows\system32\wdfmgr.exe
                  c:\program files\Sony\VAIO Event Service\VESMgr.exe
                  c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
                  c:\windows\wanmpsvc.exe
                  c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
                  c:\windows\system32\igfxext.exe
                  c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
                  c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
                  c:\program files\AVG\AVG8\avgcsrvx.exe
                  c:\windows\system32\wscntfy.exe
                  c:\program files\AOL 9.1\waol.exe
                  c:\program files\Yahoo!\Messenger\ymsgr_tray.exe
                  c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
                  c:\program files\Skype\Plugin Manager\skypePM.exe
                  c:\program files\AOL 9.1\shellmon.exe
                  .
                  **************************************************************************
                  .
                  Completion time: 2010-09-10  22:26:34 - machine was rebooted
                  ComboFix-quarantined-files.txt  2010-09-11 05:26
                  ComboFix2.txt  2010-09-09 00:22
                  ComboFix3.txt  2010-09-08 18:27

                  Pre-Run: 42,967,670,784 bytes free
                  Post-Run: 43,021,565,952 bytes free

                  - - End Of File - - D10BE20726567B1507D3F672D9967944

                  SuperDave

                  • Malware Removal Specialist
                  • Moderator


                  • Genius
                  • Thanked: 1020
                  • Certifications: List
                  • Experience: Expert
                  • OS: Windows 10
                  Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
                  « Reply #13 on: September 11, 2010, 05:53:34 PM »
                  How's your computer working now? Do you still have problems with Yahoo Msg?

                  I'd like to scan your machine with ESET OnlineScan

                  •Hold down Control and click on the following link to open ESET OnlineScan in a new window.
                  ESET OnlineScan
                  •Click the button.
                  •For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
                  • Click on to download the ESET Smart Installer. Save it to your desktop.
                  • Double click on the icon on your desktop.
                  •Check
                  •Click the button.
                  •Accept any security warnings from your browser.
                  •Check
                  •Push the Start button.
                  •ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
                  •When the scan completes, push
                  •Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
                  •Push the button.
                  •Push
                  A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

                  Windows 8 and Windows 10 dual boot with two SSD's

                  miolner1

                    Topic Starter


                    Rookie

                    Re: Yahoo Msg will not open ....can anybody sort this issue out ? w/log
                    « Reply #14 on: September 11, 2010, 08:41:10 PM »
                    Steve and helpers, Yahoo Msg is now working like a charm. Kudos for the time spent in helping me resolve this issue. I have provided the eset log below :

                    C:\Desktop\Flash_Disinfector.exe   probably a variant of Win32/Agent.BWFKHA trojan
                    C:\Documents and Settings\User\My Documents\setupxv.exe.vir   probably a variant of Win32/TrojanDownloader.Banload.KDRCNRT trojan
                    C:\Program Files\RegistryFix7\UninstlDll.dll   Win32/Adware.ErrorClean application
                    C:\Program Files\Sony\Welcome to VAIO life\Internet Services.exe   probably a variant of Win32/TrojanDropper.Agent.BLQHZVO trojan
                    C:\Program Files\Sony\Welcome to VAIO life\VAIO zone.exe   probably a variant of Win32/TrojanDropper.Agent.FYKSNPZ trojan
                    C:\System Volume Information\_restore{0803D443-492F-46D4-A7CD-A0F2180414C9}\RP15\A0006085.DLL   a variant of Win32/Toolbar.MyWebSearch application
                    C:\System Volume Information\_restore{0803D443-492F-46D4-A7CD-A0F2180414C9}\RP16\A0006125.DLL   Win32/Toolbar.AskSBar application