Alright, apparently I downloaded these somehow, and avast seems to detect these on a system boot and while it claims to have deleted them, a popup of detecting an Adware.Purityscan when Windows boots up does not cease. Judging by these threads, I took the opportunity to download and use HJT. Logfile of HijackThis v1.99.1 Scan saved at 2:43:46 PM, on 6/5/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe c:\Toshiba\IVP\swupdate\swupdtmr.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe c:\program files\verizon wireless\venturi\Client\ventc.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Toshiba\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\toshiba\ivp\ism\pinger.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\455f15e.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe C:\Program Files\AIM\aim.exe C:\Program Files\s?stem32\?ttrib.exe C:\WINDOWS\system32\RAMASST.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Netscape\Netscape Browser\netscape.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [455f15e.exe] C:\WINDOWS\system32\455f15e.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [Esrm] "C:\WINDOWS\MANTEC~1\nopdb.exe" -vt yazr O4 - HKCU\..\Run: [455f15e.exe] C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe O4 - HKCU\..\Run: [Tdermocb] C:\Program Files\s?stem32\?ttrib.exe O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127421342906 O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing) O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe
Hi RicePigeo Look in your control panels add/remove programs for PuritySCAN By OIN, OuterInfo, OIN or similar , click on it and click remove. Reboot and delete this folder if found: C:\Program Files\PurityScan If not listed, download and run this uninstaller: http://www.outerinfo.com/OiUninstaller.exe http://www.outerinfo.com/howto.html Tutorial for the uninstaller if needed Reboot when done and delete this folder if found: C:\Program Files\PurityScan Fix with HjT (do a system scan only, checkmark these and press fix checked): R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com R3 - Default URLSearchHook is missing O4 - HKLM\..\Run: [455f15e.exe] C:\WINDOWS\system32\455f15e.exe O4 - HKCU\..\Run: [455f15e.exe] C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 Please download ewido anti-malware it is a free version of the program -> http://www.ewido.net/en/download/ 1. Install ewido anti-malware 2. When installing, under "Additional Options" uncheck.. * Install background guard * Install scan via context menu 3. Launch ewido, there should be an icon on your desktop, double-click it. 4. The program will now open to the main screen. 5. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment. 6. You will need to update ewido to the latest definition files. * On the left hand side of the main screen click update. * Then click on Start Update. 7. The update will start and a progress bar will show the updates being installed. (the status bar at the bottom will display ("Update successful") If you are having problems with the updater, you can use this link to manually update ewido. ewido manual updates -> http://download.ewido.net/ewido-signatures-full-current.exe Make sure to close Ewido before installing the update. Once the updates are installed do the following: Reboot your computer in SafeMode by doing the following: 1. Restart your computer 2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8. 3. Instead of Windows loading as normal, a menu should appear 4. Select the first option, to run Windows in Safe Mode. Delete, if found: C:\WINDOWS\system32\455f15e.exe C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe Then launch ewido: * Click on scanner * Click on Complete System Scan and the scan will begin. * You will be prompted to clean the first infection. * Select "Perform action on all infections", then proceed. * Once the scan has completed, there will be a button located on the bottom of the screen named Save report * Click Save report. * Save the report .txt file to your desktop or a location where you can find it easily. Close ewido anti-malware. Reboot back to normal mode Send ewido report and a fresh HJT log
--------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 1:34:34 PM, 6/6/2006 + Report-Checksum: E48819D2 + Scan result: HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\kernel32.dll -> Trojan.Small : Cleaned with backup :mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.16:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.23:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.24:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.25:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.26:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.27:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.40:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup :mozilla.41:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup :mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup :mozilla.45:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.46:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.47:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.48:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.50:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.51:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.53:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.56:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup :mozilla.57:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup :mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup :mozilla.95:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup :mozilla.96:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.97:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.103:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.104:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.105:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.106:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.107:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.109:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup :mozilla.110:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup :mozilla.115:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.118:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.119:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.120:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.140:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.141:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.153:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.158:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup :mozilla.167:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup :mozilla.181:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.39:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.40:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.41:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.42:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.43:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.44:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.45:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.46:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.47:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.48:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.49:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.52:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup :mozilla.59:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup :mozilla.60:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.68:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.69:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.70:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.71:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.72:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.73:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.74:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.75:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.76:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.77:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.79:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.80:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.81:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.82:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.83:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.84:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.85:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.95:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.96:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.97:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.98:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.99:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.100:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.112:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.113:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.114:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.116:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.120:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.121:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.122:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.132:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup :mozilla.136:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.137:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.138:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.139:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.140:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.141:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.145:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup :mozilla.146:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup :mozilla.147:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup :mozilla.148:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.149:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.150:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.151:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup :mozilla.154:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup :mozilla.174:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.175:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.176:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.177:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.179:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup :mozilla.180:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.181:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.182:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.183:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.192:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.193:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.194:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.195:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.196:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.197:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.198:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.199:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.204:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.205:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.206:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.207:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.208:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.213:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.214:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.215:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.218:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup :mozilla.231:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Custom-click : Cleaned with backup :mozilla.232:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Custom-click : Cleaned with backup :mozilla.251:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup :mozilla.283:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.284:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.285:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.288:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.289:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.290:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.291:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.292:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.293:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup :mozilla.294:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.295:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.296:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.297:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.298:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.336:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup :mozilla.343:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup :mozilla.346:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup :mozilla.350:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup :mozilla.354:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup :mozilla.361:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.362:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.363:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.364:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.367:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.368:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.369:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.370:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.383:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup :mozilla.387:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.400:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.401:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.402:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.403:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.408:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.409:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup :mozilla.413:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup :mozilla.420:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.421:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.422:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.423:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.437:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup :mozilla.443:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup :mozilla.444:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup :mozilla.445:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup :mozilla.446:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup :mozilla.448:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.449:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.473:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.474:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.475:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.476:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.497:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup :mozilla.498:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup :mozilla.499:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@cartoonnetwork.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@com[1].txt -> TrackingCookie.Com : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup :mozilla.18:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Linkbuddies : Cleaned with backup :mozilla.19:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.25:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.26:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.27:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.28:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.29:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.30:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.46:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.47:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.48:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.49:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.50:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.51:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.65:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup :mozilla.66:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup :mozilla.67:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup :mozilla.68:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup :mozilla.71:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.72:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup :mozilla.73:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup :mozilla.74:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup :mozilla.75:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup :mozilla.82:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hotlog : Cleaned with backup :mozilla.84:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Spylog : Cleaned with backup :mozilla.86:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Gator : Cleaned with backup :mozilla.94:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bfast : Cleaned with backup :mozilla.108:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup :mozilla.109:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup :mozilla.110:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Specificpop : Cleaned with backup :mozilla.132:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.133:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.134:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.135:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.136:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.137:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Mediaplex : Cleaned with backup :mozilla.138:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.139:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.140:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.143:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Masterstats : Cleaned with backup :mozilla.144:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Atdmt : Cleaned with backup :mozilla.145:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Revenue : Cleaned with backup :mozilla.155:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.156:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.157:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup :mozilla.158:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup :mozilla.159:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup :mozilla.164:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adserver : Cleaned with backup :mozilla.178:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Linkbuddies : Cleaned with backup :mozilla.179:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.185:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.186:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.187:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.188:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.189:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.190:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.206:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.207:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.208:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.209:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.210:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.211:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup :mozilla.225:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup :mozilla.226:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup :mozilla.227:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup :mozilla.228:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup :mozilla.231:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.232:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup :mozilla.233:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup :mozilla.234:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup :mozilla.235:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup :mozilla.242:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hotlog : Cleaned with backup :mozilla.244:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Spylog : Cleaned with backup :mozilla.246:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Gator : Cleaned with backup :mozilla.254:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bfast : Cleaned with backup :mozilla.268:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup :mozilla.269:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup :mozilla.270:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Specificpop : Cleaned with backup :mozilla.292:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.293:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.294:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.295:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.296:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.297:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Mediaplex : Cleaned with backup :mozilla.298:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.299:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.300:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup :mozilla.303:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Masterstats : Cleaned with backup :mozilla.304:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Atdmt : Cleaned with backup :mozilla.305:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Revenue : Cleaned with backup :mozilla.315:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.316:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup :mozilla.317:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup :mozilla.318:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup :mozilla.319:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup :mozilla.324:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adserver : Cleaned with backup :mozilla.342:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.346:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Porngraph : Cleaned with backup :mozilla.361:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Questionmarket : Cleaned with backup :mozilla.363:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.364:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.365:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.369:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Realtracker : Cleaned with backup :mozilla.375:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.378:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bluestreak : Cleaned with backup C:\Documents and Settings\Owner\Local Settings\Temp\!update.exe -> Downloader.PurityScan.co : Cleaned with backup C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup C:\Documents and Settings\Owner\Local Settings\Temp\win66.tmp.exe -> Hijacker.Small : Cleaned with backup C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\OPE3STI7\!update-3895[1].0000 -> Downloader.PurityScan.co : Cleaned with backup C:\Documents and Settings\Owner\Start Menu\Programs\WhenU -> Adware.SaveNow : Cleaned with backup C:\Documents and Settings\Owner\Start Menu\Programs\WhenU\Uninstall.lnk -> Adware.SaveNow : Cleaned with backup C:\os32mgr.dll -> Hijacker.Small.kb : Cleaned with backup C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup C:\WINDOWS\system32\regperf.exe -> Downloader.Zlob.rf : Cleaned with backup ::Report End
and as for HJT Logfile of HijackThis v1.99.1 Scan saved at 1:47:54 PM, on 6/6/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Agnitum\Outpost Firewall\outpost.exe C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe c:\Toshiba\IVP\swupdate\swupdtmr.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe c:\program files\verizon wireless\venturi\Client\ventc.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Toshiba\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\toshiba\ivp\ism\pinger.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe C:\Program Files\AIM\aim.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\RAMASST.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe C:\Program Files\Common Files\Agnitum Shared\aupdate\aupdrun.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall\outpost.exe" /waitservice O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dumps_startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127421342906 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing) O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe
Ok, we'll continue Download SmitfraudFix.zip to your desktop -> http://siri.urz.free.fr/Fix/SmitfraudFix.zip Unzip it (folder named SmitFraudFix) to your desktop: Open the folder SmitfraudFix and doubleclick smitfraudfix.cmd Choose option #1 - Search by typing 1 and pressing "Enter"; a textfile opens and lists the infected files (if those exist) Post the contents of this textfile to here. (Some antiviruses recognises process.exe as a malware. It is not malware, it is a program that stops processes)
SmitFraudFix v2.55 Scan done at 4:47:29.53, Wed 06/07/2006 Run from C:\Documents and Settings\Owner\Desktop\SFF\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT Fix ran in normal mode »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\dcomcfg.exe FOUND ! C:\WINDOWS\system32\ot.ico FOUND ! C:\WINDOWS\system32\simpole.tlb FOUND ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Owner\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Start Menu »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Owner\FAVORI~1 C:\DOCUME~1\Owner\FAVORI~1\Antivirus Test Online.url FOUND ! »»»»»»»»»»»»»»»»»»»»»»»» Desktop »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}"="alongshore" [HKEY_CLASSES_ROOT\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32] @="C:\WINDOWS\system32\yhbdupd.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32] @="C:\WINDOWS\system32\yhbdupd.dll" »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection »»»»»»»»»»»»»»»»»»»»»»»» End
* Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually) * Double-click smitfraudfix.cmd * Select 2 and hit Enter to delete infect files. * You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection. * The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file. * A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt Send contents of that file and a fresh HjT log.
SmitFraudFix v2.55 Scan done at 11:25:14.16, Wed 06/07/2006 Run from C:\Documents and Settings\Owner\Desktop\SFF\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT Fix ran in safe mode »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}"="alongshore" [HKEY_CLASSES_ROOT\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32] @="C:\WINDOWS\system32\yhbdupd.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32] @="C:\WINDOWS\system32\yhbdupd.dll" »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files C:\WINDOWS\system32\dcomcfg.exe Deleted C:\WINDOWS\system32\ot.ico Deleted C:\WINDOWS\system32\simpole.tlb Deleted C:\DOCUME~1\Owner\FAVORI~1\Antivirus Test Online.url Deleted »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri C:\WINDOWS\system32\yhbdupd.dll -> Missing File »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End HJT: Logfile of HijackThis v1.99.1 Scan saved at 11:31:55 AM, on 6/7/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe c:\Toshiba\IVP\swupdate\swupdtmr.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe c:\program files\verizon wireless\venturi\Client\ventc.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Toshiba\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\toshiba\ivp\ism\pinger.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe C:\Program Files\AIM\aim.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\RAMASST.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dumps_startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127421342906 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing) O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe
