Win32:Zlob-BM and Win32:Purityscan-Q

Discussion in 'Windows - Virus and spyware problems' started by RicePigeo, Jun 5, 2006.

  1. RicePigeo

    RicePigeo Member

    Joined:
    Jun 5, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    11
    Alright, apparently I downloaded these somehow, and avast seems to detect these on a system boot and while it claims to have deleted them, a popup of detecting an Adware.Purityscan when Windows boots up does not cease. Judging by these threads, I took the opportunity to download and use HJT.

    Logfile of HijackThis v1.99.1
    Scan saved at 2:43:46 PM, on 6/5/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    c:\Toshiba\IVP\swupdate\swupdtmr.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
    c:\program files\verizon wireless\venturi\Client\ventc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\455f15e.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\s?stem32\?ttrib.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Netscape\Netscape Browser\netscape.exe
    C:\PROGRA~1\WINZIP\winzip32.exe
    C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
    O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [455f15e.exe] C:\WINDOWS\system32\455f15e.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
    O4 - HKCU\..\Run: [Esrm] "C:\WINDOWS\MANTEC~1\nopdb.exe" -vt yazr
    O4 - HKCU\..\Run: [455f15e.exe] C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe
    O4 - HKCU\..\Run: [Tdermocb] C:\Program Files\s?stem32\?ttrib.exe
    O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127421342906
    O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
    O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe
     
  2. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Hi RicePigeo

    Look in your control panels add/remove programs for PuritySCAN By OIN, OuterInfo, OIN or similar , click on it and click remove.
    Reboot and delete this folder if found:
    C:\Program Files\PurityScan

    If not listed, download and run this uninstaller:
    http://www.outerinfo.com/OiUninstaller.exe

    http://www.outerinfo.com/howto.html Tutorial for the uninstaller if needed

    Reboot when done and delete this folder if found:
    C:\Program Files\PurityScan

    Fix with HjT (do a system scan only, checkmark these and press fix checked):

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
    R3 - Default URLSearchHook is missing
    O4 - HKLM\..\Run: [455f15e.exe] C:\WINDOWS\system32\455f15e.exe
    O4 - HKCU\..\Run: [455f15e.exe] C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe
    O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123


    Please download ewido anti-malware it is a free version of the program -> http://www.ewido.net/en/download/

    1. Install ewido anti-malware
    2. When installing, under "Additional Options" uncheck..
    * Install background guard
    * Install scan via context menu
    3. Launch ewido, there should be an icon on your desktop, double-click it.
    4. The program will now open to the main screen.
    5. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
    6. You will need to update ewido to the latest definition files.
    * On the left hand side of the main screen click update.
    * Then click on Start Update.
    7. The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")

    If you are having problems with the updater, you can use this link to manually update ewido.
    ewido manual updates -> http://download.ewido.net/ewido-signatures-full-current.exe Make sure to close Ewido before installing the update.

    Once the updates are installed do the following:

    Reboot your computer in SafeMode by doing the following:

    1. Restart your computer
    2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
    3. Instead of Windows loading as normal, a menu should appear
    4. Select the first option, to run Windows in Safe Mode.

    Delete, if found:

    C:\WINDOWS\system32\455f15e.exe
    C:\Documents and Settings\Owner\Local Settings\Application Data\455f15e.exe

    Then launch ewido:

    * Click on scanner
    * Click on Complete System Scan and the scan will begin.
    * You will be prompted to clean the first infection.
    * Select "Perform action on all infections", then proceed.
    * Once the scan has completed, there will be a button located on the bottom of the screen named Save report
    * Click Save report.
    * Save the report .txt file to your desktop or a location where you can find it easily.

    Close ewido anti-malware.

    Reboot back to normal mode

    Send ewido report and a fresh HJT log
     
  3. RicePigeo

    RicePigeo Member

    Joined:
    Jun 5, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    11
    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 1:34:34 PM, 6/6/2006
    + Report-Checksum: E48819D2

    + Scan result:

    HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\kernel32.dll -> Trojan.Small : Cleaned with backup
    :mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.16:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.23:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.24:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.25:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.26:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.27:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.40:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
    :mozilla.41:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
    :mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
    :mozilla.45:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.46:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.47:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.48:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.50:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.51:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.53:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.56:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.57:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
    :mozilla.95:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
    :mozilla.96:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.97:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.103:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
    :mozilla.104:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.105:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.106:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
    :mozilla.107:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
    :mozilla.109:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.110:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.115:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.118:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.119:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.120:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.140:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.141:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.153:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.158:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
    :mozilla.167:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
    :mozilla.181:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n1iru6j3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.39:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.40:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.41:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.42:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.43:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.44:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.45:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.46:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.47:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.48:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.49:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.52:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.59:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.60:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.68:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.69:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.70:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.71:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.72:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.73:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.74:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.75:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.76:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.77:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.79:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.80:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.81:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.82:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.83:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.84:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.85:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.95:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.96:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.97:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.98:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.99:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.100:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.112:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.113:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.114:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.116:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.120:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.121:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.122:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.132:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.136:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.137:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.138:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.139:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.140:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.141:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.145:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.146:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.147:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.148:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.149:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.150:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.151:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.154:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.174:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.175:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.176:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.177:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.179:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
    :mozilla.180:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.181:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.182:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.183:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.192:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.193:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.194:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.195:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.196:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.197:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.198:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.199:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.204:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.205:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.206:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.207:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.208:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.213:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.214:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.215:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.218:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
    :mozilla.231:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Custom-click : Cleaned with backup
    :mozilla.232:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Custom-click : Cleaned with backup
    :mozilla.251:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
    :mozilla.283:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.284:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.285:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.288:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
    :mozilla.289:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
    :mozilla.290:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
    :mozilla.291:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
    :mozilla.292:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
    :mozilla.293:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
    :mozilla.294:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.295:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.296:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.297:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.298:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.336:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
    :mozilla.343:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.346:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
    :mozilla.350:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.354:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
    :mozilla.361:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.362:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.363:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.364:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.367:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.368:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.369:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.370:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.383:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.387:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.400:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.401:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.402:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.403:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.408:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.409:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.413:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
    :mozilla.420:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.421:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.422:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.423:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.437:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
    :mozilla.443:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.444:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.445:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
    :mozilla.446:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
    :mozilla.448:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.449:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.473:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.474:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.475:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.476:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.497:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
    :mozilla.498:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
    :mozilla.499:C:\Documents and Settings\Owner\Application Data\Netscape\NSB\Profiles\onixcwoy.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@cartoonnetwork.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@com[1].txt -> TrackingCookie.Com : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.18:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Linkbuddies : Cleaned with backup
    :mozilla.19:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.25:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.26:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.27:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.28:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.29:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.30:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.46:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.47:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.48:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.49:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.50:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.51:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.65:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.66:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.67:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.68:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.71:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.72:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
    :mozilla.73:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
    :mozilla.74:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
    :mozilla.75:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
    :mozilla.82:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hotlog : Cleaned with backup
    :mozilla.84:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Spylog : Cleaned with backup
    :mozilla.86:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Gator : Cleaned with backup
    :mozilla.94:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bfast : Cleaned with backup
    :mozilla.108:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup
    :mozilla.109:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup
    :mozilla.110:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Specificpop : Cleaned with backup
    :mozilla.132:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.133:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.134:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.135:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.136:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.137:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.138:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.139:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.140:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.143:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Masterstats : Cleaned with backup
    :mozilla.144:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.145:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Revenue : Cleaned with backup
    :mozilla.155:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.156:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.157:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
    :mozilla.158:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
    :mozilla.159:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
    :mozilla.164:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adserver : Cleaned with backup
    :mozilla.178:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Linkbuddies : Cleaned with backup
    :mozilla.179:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.185:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.186:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.187:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.188:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.189:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.190:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.206:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.207:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.208:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.209:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.210:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.211:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.225:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.226:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.227:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.228:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.231:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.232:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
    :mozilla.233:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
    :mozilla.234:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
    :mozilla.235:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Com : Cleaned with backup
    :mozilla.242:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hotlog : Cleaned with backup
    :mozilla.244:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Spylog : Cleaned with backup
    :mozilla.246:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Gator : Cleaned with backup
    :mozilla.254:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bfast : Cleaned with backup
    :mozilla.268:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup
    :mozilla.269:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Euniverseads : Cleaned with backup
    :mozilla.270:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Specificpop : Cleaned with backup
    :mozilla.292:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.293:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.294:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.295:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.296:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.297:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.298:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.299:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.300:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.303:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Masterstats : Cleaned with backup
    :mozilla.304:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.305:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Revenue : Cleaned with backup
    :mozilla.315:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.316:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.317:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
    :mozilla.318:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
    :mozilla.319:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Centrport : Cleaned with backup
    :mozilla.324:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Adserver : Cleaned with backup
    :mozilla.342:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.346:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Porngraph : Cleaned with backup
    :mozilla.361:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.363:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.364:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.365:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.369:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Realtracker : Cleaned with backup
    :mozilla.375:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.378:C:\Documents and Settings\Owner\Desktop\nnkkm\POKEMON PROGS\roms\Rubikon\MUGS-PKSC.GBA -> TrackingCookie.Bluestreak : Cleaned with backup
    C:\Documents and Settings\Owner\Local Settings\Temp\!update.exe -> Downloader.PurityScan.co : Cleaned with backup
    C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
    C:\Documents and Settings\Owner\Local Settings\Temp\win66.tmp.exe -> Hijacker.Small : Cleaned with backup
    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\OPE3STI7\!update-3895[1].0000 -> Downloader.PurityScan.co : Cleaned with backup
    C:\Documents and Settings\Owner\Start Menu\Programs\WhenU -> Adware.SaveNow : Cleaned with backup
    C:\Documents and Settings\Owner\Start Menu\Programs\WhenU\Uninstall.lnk -> Adware.SaveNow : Cleaned with backup
    C:\os32mgr.dll -> Hijacker.Small.kb : Cleaned with backup
    C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup
    C:\WINDOWS\system32\regperf.exe -> Downloader.Zlob.rf : Cleaned with backup


    ::Report End
     
  4. RicePigeo

    RicePigeo Member

    Joined:
    Jun 5, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    11
    and as for HJT

    Logfile of HijackThis v1.99.1
    Scan saved at 1:47:54 PM, on 6/6/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    c:\Toshiba\IVP\swupdate\swupdtmr.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
    c:\program files\verizon wireless\venturi\Client\ventc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
    C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe
    C:\Program Files\Common Files\Agnitum Shared\aupdate\aupdrun.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
    O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall\outpost.exe" /waitservice
    O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:eek:s_startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
    O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127421342906
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
    O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
    O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
    O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe

     
  5. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Ok, we'll continue :)

    Download SmitfraudFix.zip to your desktop -> http://siri.urz.free.fr/Fix/SmitfraudFix.zip

    Unzip it (folder named SmitFraudFix) to your desktop:

    Open the folder SmitfraudFix and doubleclick smitfraudfix.cmd
    Choose option #1 - Search by typing 1 and pressing "Enter"; a textfile opens and lists the infected files (if those exist)

    Post the contents of this textfile to here.

    (Some antiviruses recognises process.exe as a malware. It is not malware, it is a program that stops processes)
     
  6. RicePigeo

    RicePigeo Member

    Joined:
    Jun 5, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    11
    SmitFraudFix v2.55

    Scan done at 4:47:29.53, Wed 06/07/2006
    Run from C:\Documents and Settings\Owner\Desktop\SFF\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix ran in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    C:\WINDOWS\system32\dcomcfg.exe FOUND !
    C:\WINDOWS\system32\ot.ico FOUND !
    C:\WINDOWS\system32\simpole.tlb FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Owner\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Owner\FAVORI~1

    C:\DOCUME~1\Owner\FAVORI~1\Antivirus Test Online.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» Desktop


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}"="alongshore"

    [HKEY_CLASSES_ROOT\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
    @="C:\WINDOWS\system32\yhbdupd.dll"

    [HKEY_CURRENT_USER\Software\Classes\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
    @="C:\WINDOWS\system32\yhbdupd.dll"


    »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


    »»»»»»»»»»»»»»»»»»»»»»»» End

     
  7. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    * Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
    * Double-click smitfraudfix.cmd
    * Select 2 and hit Enter to delete infect files.
    * You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
    * The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
    * A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt

    Send contents of that file and a fresh HjT log.
     
  8. RicePigeo

    RicePigeo Member

    Joined:
    Jun 5, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    11
    SmitFraudFix v2.55

    Scan done at 11:25:14.16, Wed 06/07/2006
    Run from C:\Documents and Settings\Owner\Desktop\SFF\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix ran in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}"="alongshore"

    [HKEY_CLASSES_ROOT\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
    @="C:\WINDOWS\system32\yhbdupd.dll"

    [HKEY_CURRENT_USER\Software\Classes\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
    @="C:\WINDOWS\system32\yhbdupd.dll"


    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    C:\WINDOWS\system32\dcomcfg.exe Deleted
    C:\WINDOWS\system32\ot.ico Deleted
    C:\WINDOWS\system32\simpole.tlb Deleted
    C:\DOCUME~1\Owner\FAVORI~1\Antivirus Test Online.url Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    C:\WINDOWS\system32\yhbdupd.dll -> Missing File


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End





    HJT:




    Logfile of HijackThis v1.99.1
    Scan saved at 11:31:55 AM, on 6/7/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    c:\Toshiba\IVP\swupdate\swupdtmr.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
    c:\program files\verizon wireless\venturi\Client\ventc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
    C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Owner\Desktop\dloaded crap\HijackThis.exe

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
    O4 - HKLM\..\Run: [DockMsgFrom] C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:eek:s_startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
    O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127421342906
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
    O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing)
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: TME3SRV - IEC - C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
    O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe

     
  9. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Looks clean to me. Still problems?
     
  10. RicePigeo

    RicePigeo Member

    Joined:
    Jun 5, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    11
    Not that I've noticed. Everything seems to be running fine. Thanks.
     

Share This Page