Win32:Zlob-BM and Win32:Purityscan-Q

Advertise at AfterDawn.com

Link to us!

Private messages

Compose a private message

List of all updated threads

Threads without replies

Search messages

Sunday 24.11.2024 / 16:49

Search AfterDawn Forums:

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > win32:zlob-bm and win32:purityscan-q

Browse by topic

Forums

Start a new thread

Win32:Zlob-BM and Win32:Purityscan-Q

Jump to:

Posted

Message

RicePigeo

Newbie

5. June 2006 @ 10:47

Link to this message

Alright, apparently I downloaded these somehow, and avast seems to detect these on a system boot and while it claims to have deleted them, a popup of detecting an Adware.Purityscan when Windows boots up does not cease. Judging by these threads, I took the opportunity to download and use HJT.

Logfile of HijackThis v1.99.1
Scan saved at 2:43:46 PM, on 6/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
c:\program files\verizon wireless\venturi\Client\ventc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\455f15e.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\s?stem32\?ttrib.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Netscape\Netscape Browser\netscape.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [455f15e.exe] C:\WINDOWS\system32\455f15e.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Esrm] "C:\WINDOWS\MANTEC~1\nopdb.exe" -vt yazr
O4 - HKCU\..\Run: [455f15e.exe] C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe
O4 - HKCU\..\Run: [Tdermocb] C:\Program Files\s?stem32\?ttrib.exe
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe

[ + quote]

-kemisti-

AfterDawn Addict

5. June 2006 @ 23:41

Link to this message

Hi RicePigeo

Look in your control panels add/remove programs for PuritySCAN By OIN, OuterInfo, OIN or similar , click on it and click remove.
Reboot and delete this folder if found:
C:\Program Files\PurityScan

If not listed, download and run this uninstaller:
http://www.outerinfo.com/OiUninstaller.exe

http://www.outerinfo.com/howto.html Tutorial for the uninstaller if needed

Reboot when done and delete this folder if found:
C:\Program Files\PurityScan

Fix with HjT (do a system scan only, checkmark these and press fix checked):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [455f15e.exe] C:\WINDOWS\system32\455f15e.exe
O4 - HKCU\..\Run: [455f15e.exe] C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123

Please download ewido anti-malware it is a free version of the program -> http://www.ewido.net/en/download/

1. Install ewido anti-malware
2. When installing, under "Additional Options" uncheck..
* Install background guard
* Install scan via context menu
3. Launch ewido, there should be an icon on your desktop, double-click it.
4. The program will now open to the main screen.
5. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
6. You will need to update ewido to the latest definition files.
* On the left hand side of the main screen click update.
* Then click on Start Update.
7. The update will start and a progress bar will show the updates being installed.
(the status bar at the bottom will display ("Update successful")

If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates -> http://download.ewido.net/ewido-signatures-full-current.exe Make sure to close Ewido before installing the update.

Once the updates are installed do the following:

Reboot your computer in SafeMode by doing the following:

1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.

Delete, if found:

C:\WINDOWS\system32\455f15e.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe

Then launch ewido:

* Click on scanner
* Click on Complete System Scan and the scan will begin.
* You will be prompted to clean the first infection.
* Select "Perform action on all infections", then proceed.
* Once the scan has completed, there will be a button located on the bottom of the screen named Save report
* Click Save report.
* Save the report .txt file to your desktop or a location where you can find it easily.

Close ewido anti-malware.

Reboot back to normal mode

Send ewido report and a fresh HjT log

[ + quote]

RicePigeo

Newbie

6. June 2006 @ 10:02

Link to this message

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 1:34:34 PM, 6/6/2006
+ Report-Checksum: E48819D2

+ Scan result:

HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\kernel32.dll -> Trojan.Small : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Custom-click : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Custom-click : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.283:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.291:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.296:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.336:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.343:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.346:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.350:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.354:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.361:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.363:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.364:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.367:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.368:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.369:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.370:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.387:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.400:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.401:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.402:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.403:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.408:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.420:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.421:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.423:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.437:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.443:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.444:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.497:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.498:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.499:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@cartoonnetwork.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Linkbuddies : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Gator : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Specificpop : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Linkbuddies : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
:mozilla.242:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.244:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Gator : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.268:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup
:mozilla.270:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Specificpop : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.296:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.315:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.316:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.319:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.342:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.346:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Porngraph : Cleaned with backup
:mozilla.361:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.363:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.364:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.365:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.369:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.375:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.378:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temp\!update.exe -> Downloader.PurityScan.co : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temp\win66.tmp.exe -> Hijacker.Small : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\OPE3STI7\!update-3895[1].0000 -> Downloader.PurityScan.co : Cleaned with backup
C:\Documents and Settings\Owner\Start Menu\Programs\WhenU -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\Owner\Start Menu\Programs\WhenU\Uninstall.lnk -> Adware.SaveNow : Cleaned with backup
C:\os32mgr.dll -> Hijacker.Small.kb : Cleaned with backup
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup
C:\WINDOWS\system32\regperf.exe -> Downloader.Zlob.rf : Cleaned with backup

::Report End

[ + quote]

RicePigeo

Newbie

6. June 2006 @ 10:08

Link to this message

and as for HJT

Logfile of HijackThis v1.99.1
Scan saved at 1:47:54 PM, on 6/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
c:\program files\verizon wireless\venturi\Client\ventc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe
C:\Program Files\Common Files\Agnitum Shared\aupdate\aupdrun.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall\outpost.exe" /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe

[ + quote]

-kemisti-

AfterDawn Addict

6. June 2006 @ 23:34

Link to this message

Ok, we'll continue :)

Download SmitfraudFix.zip to your desktop -> http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Unzip it (folder named SmitFraudFix) to your desktop:

Open the folder SmitfraudFix and doubleclick smitfraudfix.cmd
Choose option #1 - Search by typing 1 and pressing "Enter"; a textfile opens and lists the infected files (if those exist)

Post the contents of this textfile to here.

(Some antiviruses recognises process.exe as a malware. It is not malware, it is a program that stops processes)

[ + quote]

RicePigeo

Newbie

7. June 2006 @ 00:48

Link to this message

SmitFraudFix v2.55

Scan done at 4:47:29.53, Wed 06/07/2006
Run from C:\Documents and Settings\Owner\Desktop\SFF\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\dcomcfg.exe FOUND !
C:\WINDOWS\system32\ot.ico FOUND !
C:\WINDOWS\system32\simpole.tlb FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Owner\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Owner\FAVORI~1

C:\DOCUME~1\Owner\FAVORI~1\Antivirus Test Online.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}"="alongshore"

[HKEY_CLASSES_ROOT\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
@="C:\WINDOWS\system32\yhbdupd.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
@="C:\WINDOWS\system32\yhbdupd.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

[ + quote]

-kemisti-

AfterDawn Addict

7. June 2006 @ 01:33

Link to this message

* Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
* Double-click smitfraudfix.cmd
* Select 2 and hit Enter to delete infect files.
* You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
* The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
* A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt

Send contents of that file and a fresh HjT log.

[ + quote]

RicePigeo

Newbie

7. June 2006 @ 07:34

Link to this message

SmitFraudFix v2.55

Scan done at 11:25:14.16, Wed 06/07/2006
Run from C:\Documents and Settings\Owner\Desktop\SFF\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}"="alongshore"

[HKEY_CLASSES_ROOT\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
@="C:\WINDOWS\system32\yhbdupd.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
@="C:\WINDOWS\system32\yhbdupd.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\dcomcfg.exe Deleted
C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\simpole.tlb Deleted
C:\DOCUME~1\Owner\FAVORI~1\Antivirus Test Online.url Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

C:\WINDOWS\system32\yhbdupd.dll -> Missing File

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

HJT:

Logfile of HijackThis v1.99.1
Scan saved at 11:31:55 AM, on 6/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
c:\program files\verizon wireless\venturi\Client\ventc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe

[ + quote]

-kemisti-

AfterDawn Addict

7. June 2006 @ 08:07

Link to this message