Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Systemdoctor, Winantivirus, & Other Popups + Malware


  • Please log in to reply
13 replies to this topic

#1 theHeat

theHeat

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:29 AM

Posted 12 October 2006 - 07:43 PM

I am constantly receiving popup windows from SystemDoctor, WinAntiVirus, and Sygate Personal Firewall has detected the following trying to access the internet:

H:\Program Files\Common Files\{683AD889-07D9-1033-0310-051124040001}\Update.exe

trying to access

dr.mcboo.com [213.251.136.219]

I also have a red border around Firefox and a few other things. I've run AVG Free Edition in safe mode and cleaned to the best of my abilities. I have also run Ad-Aware and Spybot to do their best.

Please, take a look at my log and tell me if you notice anything unusual!

Thanks in advance!
Logfile of HijackThis v1.99.1
Scan saved at 8:34:14 PM, on 10/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Sygate\SPF\smc.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\Tablet.exe
H:\WINDOWS\system32\wdfmgr.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.175.37.8:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - H:\Program Files\Common Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll
O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - H:\Program Files\VSToolbar\VSToolBar.dll
O4 - HKLM\..\Run: [NVMixerTray] "H:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [ATICCC] "H:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SmcService] H:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [CloneCDTray] "H:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] H:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "H:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [type32] "H:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "H:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [WinFast Schedule] H:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BufferZone] "H:\Program Files\BufferZone\CLIENTGUI.EXE" /STARTUP
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] H:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Konfabulator.lnk.disabled
O4 - Startup: Xfire.lnk.disabled
O4 - Startup: Yahoo! Widget Engine.lnk.disabled
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = H:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = H:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - H:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary/Upwords.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O18 - Protocol: bw+0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "H:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: app_filter - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BufferZone Service (BufferZoneSvc) - Unknown owner - H:\Program Files\BufferZone\ClntSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Maya 6.5 Documentation Server (maya65docserver) - Unknown owner - H:\Program Files\Alias\Maya6.5\docs\wrapper.exe" -s "H:\Program Files\Alias\Maya6.5\docs\Wrapper.conf (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - H:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - H:\WINDOWS\system32\Tablet.exe


BC AdBot (Login to Remove)

 


#2 Mr_JAk3

Mr_JAk3

    HJT Team Member


  • Members
  • 527 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:03:29 PM

Posted 15 October 2006 - 05:21 AM

Hi theHeat and welcome to Bleeping Computer :thumbsup:

You got infections there....

Create a new folder named HijackThis to your desktop. Move Hijackthis.exe into that folder.

Please rename HijackThis.exe to Scanner.exe

Please download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.
UNITE & ASAP member since 2006
Posted Image
Posted Image

#3 theHeat

theHeat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:29 AM

Posted 16 October 2006 - 05:32 PM

Thanks so much! I haven't had a chance to do this yet as college is ruling my life, but I'll post my findings after following your suggestions!

#4 Mr_JAk3

Mr_JAk3

    HJT Team Member


  • Members
  • 527 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:03:29 PM

Posted 25 October 2006 - 04:07 AM

Hi again, still there ? :thumbsup:
UNITE & ASAP member since 2006
Posted Image
Posted Image

#5 theHeat

theHeat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:29 AM

Posted 07 November 2006 - 01:00 PM

Yes, thanks for your help Mr_JAk3! Sorry, I've been neglecting my desktop and using my laptop instead. I haven't had much time to spare.

Here are the details:

VundoFix V6.2.7

Checking Java version...

Java version is 1.5.0.2

Java version is 1.5.0.4

Java version is 1.5.0.6

Scan started at 12:46:16 PM 11/7/2006

Listing files found while scanning....

H:\WINDOWS\system32\urqpqpp.dll
H:\WINDOWS\system32\pybvwjsi.exe
H:\WINDOWS\system32\mllji.dll
H:\WINDOWS\system32\ijllm.ini
H:\WINDOWS\system32\ijllm.bak1
H:\WINDOWS\system32\ijllm.bak2

Beginning removal...

 Attempting to delete H:\WINDOWS\system32\urqpqpp.dll
H:\WINDOWS\system32\urqpqpp.dll Has been deleted!

 Attempting to delete H:\WINDOWS\system32\pybvwjsi.exe
H:\WINDOWS\system32\pybvwjsi.exe Has been deleted!

 Attempting to delete H:\WINDOWS\system32\ijllm.ini
H:\WINDOWS\system32\ijllm.ini Has been deleted!

 Attempting to delete H:\WINDOWS\system32\ijllm.bak1
H:\WINDOWS\system32\ijllm.bak1 Has been deleted!

 Attempting to delete H:\WINDOWS\system32\ijllm.bak2
H:\WINDOWS\system32\ijllm.bak2 Has been deleted!

Performing Repairs to the registry.
Done!

... and here's the new HijackThis! Log.

Logfile of HijackThis v1.99.1
Scan saved at 12:57:12 PM, on 11/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Sygate\SPF\smc.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
H:\Program Files\Alias\Maya6.5\docs\wrapper.exe
H:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
H:\Program Files\Alias\Maya6.5\docs\jre\bin\java.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\Tablet.exe
H:\WINDOWS\system32\wdfmgr.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\wbem\wmiprvse.exe
H:\WINDOWS\CTHELPER.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
H:\Program Files\Google\Gmail Notifier\gnotify.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
H:\Program Files\Microsoft IntelliType Pro\type32.exe
H:\Program Files\Microsoft IntelliPoint\point32.exe
H:\Program Files\WinFast\WFTVFM\WFWIZ.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
H:\Program Files\ipwins\ipwins.exe
H:\Program Files\Common Files\{683AD889-07D9-1033-0310-051124040001}\Update.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\AIM\aim.exe
H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\acrobat_sl.exe
H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
H:\WINDOWS\system32\WTablet\TabUserW.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\WINDOWS\System32\alg.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\wuauclt.exe
H:\PROGRA~1\MOZILL~1\FIREFOX.EXE
H:\WINDOWS\system32\NOTEPAD.EXE
H:\Documents and Settings\Administrator\Desktop\HijackThis\Scanner.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.175.37.8:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - H:\WINDOWS\system32\cdtyhmmq.dll (file missing)
O2 - BHO: (no name) - {225442AC-DA56-470E-9E43-8C5E7416D7F8} - H:\WINDOWS\system32\mllji.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - H:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - H:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - H:\Program Files\Common Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - H:\Program Files\Common Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll
O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - H:\Program Files\VSToolbar\VSToolBar.dll
O4 - HKLM\..\Run: [NVMixerTray] "H:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [ATICCC] "H:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SmcService] H:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [CloneCDTray] "H:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] H:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "H:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [type32] "H:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "H:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [WinFast Schedule] H:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BufferZone] "H:\Program Files\BufferZone\CLIENTGUI.EXE" /STARTUP
O4 - HKLM\..\Run: [IpWins] H:\Program Files\ipwins\ipwins.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] H:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Konfabulator.lnk.disabled
O4 - Startup: Xfire.lnk.disabled
O4 - Startup: Yahoo! Widget Engine.lnk.disabled
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = H:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = H:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - H:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary/Upwords.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O18 - Protocol: bw+0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "H:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: mllji - H:\WINDOWS\system32\mllji.dll (file missing)
O20 - Winlogon Notify: WgaLogon - H:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrzf32 - winrzf32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: app_filter - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BufferZone Service (BufferZoneSvc) - Unknown owner - H:\Program Files\BufferZone\ClntSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Maya 6.5 Documentation Server (maya65docserver) - Unknown owner - H:\Program Files\Alias\Maya6.5\docs\wrapper.exe" -s "H:\Program Files\Alias\Maya6.5\docs\Wrapper.conf (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - H:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - H:\WINDOWS\system32\Tablet.exe

Thanks again!
Sean

#6 Mr_JAk3

Mr_JAk3

    HJT Team Member


  • Members
  • 527 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:03:29 PM

Posted 08 November 2006 - 08:40 AM

Hi again, we'll continue :thumbsup:

Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm

NOTE: Do not run any other options from SmitfraudFix until I tell you to do so!
UNITE & ASAP member since 2006
Posted Image
Posted Image

#7 theHeat

theHeat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:29 AM

Posted 11 February 2007 - 02:00 PM

Hi again!

Man, I'm really bad at fixing this thing. I appreciate all your help and I'm sorry my replies are so far apart! Life sure is busy!

As you requested, here's the text file log.

SmitFraudFix v2.141

Scan done at 13:57:43.58, Sun 02/11/2007
Run from H:\Documents and Settings\Administrator\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

 hosts


 H:\


 H:\WINDOWS


 H:\WINDOWS\system


 H:\WINDOWS\Web


 H:\WINDOWS\system32


 H:\WINDOWS\system32\LogFiles


 H:\Documents and Settings\Administrator


 H:\Documents and Settings\Administrator\Application Data


 Start Menu


 H:\DOCUME~1\ADMINI~1\FAVORI~1


 Desktop


 H:\Program Files 


 Corrupted keys


 Desktop Components
 
 

 Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


 AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


 Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


 pe386-msguard-lzx32-huy32


 Scanning wininet.dll infection


 End


#8 Mr_JAk3

Mr_JAk3

    HJT Team Member


  • Members
  • 527 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:03:29 PM

Posted 12 February 2007 - 05:22 AM

Hi :flowers:

Please post a fresh HijackThis log and we'll continue :thumbsup:

Edited by Mr_JAk3, 12 February 2007 - 05:22 AM.

UNITE & ASAP member since 2006
Posted Image
Posted Image

#9 theHeat

theHeat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:29 AM

Posted 24 May 2007 - 02:45 PM

Thanks for all your help Mr_JAk3! I've still been neglecting fixing this computer!

Here's the new log!

Logfile of HijackThis v1.99.1
Scan saved at 3:39:43 PM, on 5/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Sygate\SPF\smc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\CTHELPER.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
H:\Program Files\Microsoft IntelliType Pro\type32.exe
H:\Program Files\Microsoft IntelliPoint\point32.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
H:\WINDOWS\system32\ctfmon.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
H:\WINDOWS\system32\WTablet\TabUserW.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
H:\Program Files\Adobe\Adobe Version Cue 

CS2\data\database\bin\mysqld-nt.exe
H:\Program Files\Alias\Maya6.5\docs\wrapper.exe
H:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
H:\Program Files\Alias\Maya6.5\docs\jre\bin\java.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
H:\Program Files\NVIDIA 

Corporation\NetworkAccessManager\bin\nSvcLog.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\WINDOWS\system32\Tablet.exe
H:\Program Files\NVIDIA 

Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Ventrilo\Ventrilo.exe
H:\Documents and Settings\Administrator\Desktop\HijackThis\Scanner.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet 

Settings,ProxyServer = 195.175.37.8:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName 

= 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} 

- H:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - 

H:\WINDOWS\system32\cdtyhmmq.dll (file missing)
O2 - BHO: (no name) - {225442AC-DA56-470E-9E43-8C5E7416D7F8} - 

H:\WINDOWS\system32\mllji.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - 

H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - 

{55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - H:\Documents and Settings\All 

Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - 

{601ED020-FB6C-11D3-87D8-0050DA59922B} - H:\Program 

Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - 

H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - 

H:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - 

{AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Adobe\Adobe 

Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - 

H:\Program Files\Common 

Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll (file 

missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - 

H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - 

H:\Program Files\Common 

Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll (file 

missing)
O3 - Toolbar: (no name) - {821F87FF-8245-4972-9E28-732E92EC2F51} - (no 

file)
O4 - HKLM\..\Run: [NVMixerTray] "H:\Program Files\NVIDIA 

Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SmcService] H:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program 

Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "H:\Program 

Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] H:\Program 

Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program 

Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec 

Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "H:\Program Files\AntiVir PersonalEdition 

Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "H:\Program Files\Adobe\Adobe 

Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "H:\Program Files\Adobe\Adobe 

Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] H:\Program 

Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] H:\Program Files\ANI\ANIWZCS2 

Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [type32] "H:\Program Files\Microsoft IntelliType 

Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "H:\Program Files\Microsoft 

IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [WinFast Schedule] H:\Program 

Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe 

/STARTUP
O4 - HKLM\..\Run: [BufferZone] "H:\Program 

Files\BufferZone\CLIENTGUI.EXE" /STARTUP
O4 - HKLM\..\Run: [IpWins] H:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [PrevxOne] "H:\Program Files\Prevx1\PXConsole.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] H:\Program Files\ATI 

Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Startup: Konfabulator.lnk.disabled
O4 - Startup: Xfire.lnk.disabled
O4 - Startup: Yahoo! Widget Engine.lnk.disabled
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common 

Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = H:\Program Files\Common 

Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program 

Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft 

Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = 

H:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - 

res://H:\Program Files\Adobe\Adobe Acrobat 

7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - 

res://H:\Program Files\Adobe\Adobe Acrobat 

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - 

res://H:\Program Files\Adobe\Adobe Acrobat 

7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - 

res://H:\Program Files\Adobe\Adobe Acrobat 

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - 

res://H:\Program Files\Adobe\Adobe Acrobat 

7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - 

res://H:\Program Files\Adobe\Adobe Acrobat 

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program 

Files\Adobe\Adobe Acrobat 

7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - 

res://H:\Program Files\Adobe\Adobe Acrobat 

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - 

res://H:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 

H:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - 

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program 

Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - 

H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - 

{4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program 

Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - 

H:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - 

{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program 

Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - 

{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program 

Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - 

H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - 

{FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program 

Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - 

http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - 

http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) 

- http://messenger.zone.msn.com/binary/Upwords.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient 

Class) - 

http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.ca

b
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID 

Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient 

Class) - 

http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer 

Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - 

http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O18 - Protocol: bw+0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} 

- H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - 

H:\Program Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - 

"H:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - 

{32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program 

Files\Logitech\Desktop 

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: mllji - H:\WINDOWS\system32\mllji.dll (file 

missing)
O20 - Winlogon Notify: WgaLogon - H:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrzf32 - winrzf32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program 

Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - H:\Program 

Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service 

(file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - 

H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) 

- AVIRA GmbH - H:\Program Files\AntiVir PersonalEdition 

Classic\avguard.exe
O23 - Service: app_filter - Unknown owner - H:\Program Files\NVIDIA 

Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - 

H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - 

H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - 

H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - 

H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - 

H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BufferZone Service (BufferZoneSvc) - Unknown owner - 

H:\Program Files\BufferZone\ClntSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision 

Corporation - H:\Program Files\Common 

Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - H:\Program 

Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - 

H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia 

Licensing.exe
O23 - Service: Maya 6.5 Documentation Server (maya65docserver) - 

Unknown owner - H:\Program Files\Alias\Maya6.5\docs\wrapper.exe" -s 

"H:\Program Files\Alias\Maya6.5\docs\Wrapper.conf (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - 

H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - 

H:\Program Files\NVIDIA 

Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - H:\Program 

Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - 

H:\Program Files\SiSoftware\SiSoftware Sandra Lite 

2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - H:\Program 

Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate 

Technologies, Inc. - H:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - 

H:\WINDOWS\system32\Tablet.exe


#10 Mr_JAk3

Mr_JAk3

    HJT Team Member


  • Members
  • 527 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:03:29 PM

Posted 25 May 2007 - 02:06 PM

Hello theHeat. Quite a gap between your posts.... :flowers:

Please delete any previous versions of SmitFraudFix.

Please download tje latest version of SmitfraudFix (by S!Ri)

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm

NOTE: Do not run any other options from SmitfraudFix until I tell you to do so!

post a fresh HijackThis log too but please disable the Notepad's "word wrap" function as it makes the log unreadable.

:thumbsup:
UNITE & ASAP member since 2006
Posted Image
Posted Image

#11 theHeat

theHeat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:29 AM

Posted 25 May 2007 - 02:13 PM

Thanks again for your help (and your patience)!

Here's the SmitfraudFix log.

SmitFraudFix v2.188

Scan done at 15:06:54.85, Fri 05/25/2007
Run from H:\Documents and Settings\Administrator\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

 Process

H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Sygate\SPF\smc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
H:\Program Files\Alias\Maya6.5\docs\wrapper.exe
H:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
H:\Program Files\Alias\Maya6.5\docs\jre\bin\java.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
H:\Program Files\Prevx1\PXAgent.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\Tablet.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\CTHELPER.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
H:\Program Files\Google\Gmail Notifier\gnotify.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
H:\Program Files\Microsoft IntelliType Pro\type32.exe
H:\Program Files\Microsoft IntelliPoint\point32.exe
H:\Program Files\WinFast\WFTVFM\WFWIZ.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
H:\Program Files\Prevx1\PXConsole.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\WTablet\TabUserW.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\WINDOWS\system32\cmd.exe

 hosts


 H:\


 H:\WINDOWS


 H:\WINDOWS\system


 H:\WINDOWS\Web


 H:\WINDOWS\system32


 H:\WINDOWS\system32\LogFiles


 H:\Documents and Settings\Administrator


 H:\Documents and Settings\Administrator\Application Data


 Start Menu


 H:\DOCUME~1\ADMINI~1\FAVORI~1


 Desktop


 H:\Program Files 


 Corrupted keys


 Desktop Components
 
 

 Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


 AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


 Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


 pe386-msguard-lzx32-huy32-xpdt



 DNS

Description: NVIDIA nForce Networking Controller - Packet Scheduler Miniport
DNS Server Search Order: 192.168.1.254

HKLM\SYSTEM\CCS\Services\Tcpip\..\{BDFD3B6E-98A5-4313-8DC7-1F6AC66D4E13}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{AF7D74A2-6EDF-46F0-A74C-03561CF0D68B}: DhcpNameServer=63.240.76.198 204.127.199.8
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BDFD3B6E-98A5-4313-8DC7-1F6AC66D4E13}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BDFD3B6E-98A5-4313-8DC7-1F6AC66D4E13}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=63.240.76.198 204.127.199.8
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254


 Scanning for wininet.dll infection


 End

and here's the HijackThis! log.

Logfile of HijackThis v1.99.1
Scan saved at 3:09:11 PM, on 5/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Sygate\SPF\smc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
H:\Program Files\Alias\Maya6.5\docs\wrapper.exe
H:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
H:\Program Files\Alias\Maya6.5\docs\jre\bin\java.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
H:\Program Files\Prevx1\PXAgent.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\Tablet.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\CTHELPER.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
H:\Program Files\Google\Gmail Notifier\gnotify.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
H:\Program Files\Microsoft IntelliType Pro\type32.exe
H:\Program Files\Microsoft IntelliPoint\point32.exe
H:\Program Files\WinFast\WFTVFM\WFWIZ.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
H:\Program Files\Prevx1\PXConsole.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\WTablet\TabUserW.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Documents and Settings\Administrator\Desktop\HijackThis\Scanner.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.175.37.8:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - H:\WINDOWS\system32\cdtyhmmq.dll (file missing)
O2 - BHO: (no name) - {225442AC-DA56-470E-9E43-8C5E7416D7F8} - H:\WINDOWS\system32\mllji.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - H:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - H:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - H:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - H:\Program Files\Common Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - H:\Program Files\Common Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll (file missing)
O3 - Toolbar: (no name) - {821F87FF-8245-4972-9E28-732E92EC2F51} - (no file)
O4 - HKLM\..\Run: [NVMixerTray] "H:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SmcService] H:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "H:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] H:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "H:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [type32] "H:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "H:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [WinFast Schedule] H:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BufferZone] "H:\Program Files\BufferZone\CLIENTGUI.EXE" /STARTUP
O4 - HKLM\..\Run: [IpWins] H:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [PrevxOne] "H:\Program Files\Prevx1\PXConsole.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Startup: Konfabulator.lnk.disabled
O4 - Startup: Xfire.lnk.disabled
O4 - Startup: Yahoo! Widget Engine.lnk.disabled
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = H:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - H:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary/Upwords.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O18 - Protocol: bw+0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "H:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: mllji - H:\WINDOWS\system32\mllji.dll (file missing)
O20 - Winlogon Notify: WgaLogon - H:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrzf32 - winrzf32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: app_filter - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BufferZone Service (BufferZoneSvc) - Unknown owner - H:\Program Files\BufferZone\ClntSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Maya 6.5 Documentation Server (maya65docserver) - Unknown owner - H:\Program Files\Alias\Maya6.5\docs\wrapper.exe" -s "H:\Program Files\Alias\Maya6.5\docs\Wrapper.conf (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - H:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - H:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - H:\WINDOWS\system32\Tablet.exe

Is there any way I could donate to this site for all your help? I'd be glad to, you provide something wonderful for free. :thumbsup:

#12 Mr_JAk3

Mr_JAk3

    HJT Team Member


  • Members
  • 527 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:03:29 PM

Posted 26 May 2007 - 02:37 PM

Hi again, we'll continue :thumbsup:

You should print these instructions or save these to a text file. Follow these instructions carefully.

Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
  • Install AVG Anti-Spyware by double clicking the installer.
  • Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
  • On the main screen under Your Computer's security.
    • Click on Change state next to Resident shield. It should now change to inactive.
    • Click on Change state next to Automatic updates. It should now change to inactive.
    • Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
    • Wait until you see the Update succesfull message.
  • Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.
AVG Anti-Spyware manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.

At first you need to disable a few realtime protections. These may interfere with our cleaning process.
We'll enable these when you're clean...

Disable PrevX realtime protection
  • Right click on the Prevx icon in your system tray at the bottom-right corner of your screen and choose Show Management Console..
  • On the Management Console click the Protection Level drop-down menu. You will see three levels:
    • Maximum
    • Off
    • User Defined
  • Disable all protection by setting the level to Off. You will receive a prompt asking "You are about to change your security settings. Do you wish to continue?" Click Yes.
  • Click the X on the upper right hand corner to exit the Management console.

Download ATF Cleaner by Atribune to your desktop.
Do NOT run yet.

Make your hidden files visible:
  • Go to My Computer
  • Select the Tools menu and click Folder Options
  • Click the View tab.
  • Checkmark the "Display the contents of system folders"
  • Under the Hidden files and folders select "Show hidden files and folders"
  • Uncheck "Hide protected operating system files"
  • Click Apply and then the OK and close My Computer.
==================

Open Control Panel -> Add/Remove programs -> Remove all the of the following or similar entries if found:

PartyPoker
Oin
Yazzle by Oin
Purityscan by Oin
Snowballwars by Oin
or anything similar with Oin or Outerinfo in it.
Zolero
Tizzletalk
MediaTickets
Cowabanga
and any other programs you didn't install or don't recognize - if your not sure please ask first

[/color]

Download and run this uninstaller:
http://www.outerinfo.com/OiUninstaller.exe
Tutorial for the uninstaller if needed

Run HijackThis, click Do a system scan only, and check the box next to each of these entries if still present. Close all other windows and press Fix checked. If something isn't there, please continue with the next entry in the list.

O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - H:\WINDOWS\system32\cdtyhmmq.dll (file missing)
O2 - BHO: (no name) - {225442AC-DA56-470E-9E43-8C5E7416D7F8} - H:\WINDOWS\system32\mllji.dll (file missing)
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - H:\WINDOWS\system32\ixt0.dll (file missing)
O2 - BHO: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - H:\Program Files\Common Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll (file missing)
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - H:\Program Files\Common Files\{383AD889-07D9-1033-0310-051124040001}\MyToolBar.dll (file missing)
O3 - Toolbar: (no name) - {821F87FF-8245-4972-9E28-732E92EC2F51} - (no file)
O4 - HKLM\..\Run: [IpWins] H:\Program Files\ipwins\ipwins.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - H:\Program Files\PartyPoker\PartyPoker.exe
O20 - Winlogon Notify: mllji - H:\WINDOWS\system32\mllji.dll (file missing)
O20 - Winlogon Notify: winrzf32 - winrzf32.dll (file missing)

Restart your computer to the safe mode:
  • Restart your computer
  • Start tapping the F8 key when the computer restarts.
  • When the start menu opens, choose Safe mode
  • Press Enter. The computer then begins to start in Safe mode.
Go to the My Computer and delete the following folders (if present):
H:\Program Files\PartyPoker
H:\Program Files\ipwins
H:\Program Files\Common Files\{383AD889-07D9-1033-0310-051124040001}

Run ATF Cleaner Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
  • Click on Scanner on the toolbar.
  • Click on the Settings tab.
    • Under How to act?
      • Click on Recommended Action and choose Quarantine from the popup menu.
    • Under How to scan?
      • All checkboxes should be ticked.
    • Under Possibly unwanted software:
      • All checkboxes should be ticked.
    • Under Reports:
      • Select Automatically generate report after every scan and uncheck Only if threats were found.
    • Under What to scan?
      • Select Scan every file.
  • Click on the Scan tab.
  • Click on Complete System Scan to start the scan process.
  • Let the program scan the machine.
  • When the scan has finished, follow the instructions below.
    IMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
    • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
    • At the bottom of the window click on the Apply all Actions button. (3)
      Posted Image
  • When done, click the Save Scan Report button. (4)
    • Click the Save Report as button.
    • Save the report to your Desktop.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Reboot in Normal Mode.

================

When you're ready, please post the following logs to here:
- AVG's report
- a fresh HijackThis log

Edited by Mr_JAk3, 26 May 2007 - 02:38 PM.

UNITE & ASAP member since 2006
Posted Image
Posted Image

#13 theHeat

theHeat
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:29 AM

Posted 01 June 2007 - 10:05 PM

Whew, done and done! Thanks for those lengthy instructions!

AVG Log
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

 + Created at:	9:54:45 PM 5/31/2007

 + Scan result:	



C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : Cleaned with backup (quarantined).
HKU\S-1-5-21-1957994488-616249376-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\BufferZone\Virtual\Untrusted\SOFTWARE\Classes\CLSID\{a43385f0-7113-496d-96d7-b9b550e3fcca} -> Adware.Isearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\BufferZone\Virtual\Untrusted\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a43385f0-7113-496d-96d7-b9b550e3fcca} -> Adware.Isearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1957994488-616249376-839522115-500\Software\BufferZone\Virtual\Untrusted\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A43385F0-7113-496D-96D7-B9B550E3FCCA} -> Adware.Isearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1957994488-616249376-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A43385F0-7113-496D-96D7-B9B550E3FCCA} -> Adware.Isearch : Cleaned with backup (quarantined).
H:\VundoFix Backups\pybvwjsi.exe.bad -> Adware.Searchcolor : Cleaned with backup (quarantined).
H:\System Volume Information\_restore{B7F53A72-D69C-4BEE-9E7E-42E3638BFA84}\RP429\A0093760.dll -> Adware.Searchcolours : Cleaned with backup (quarantined).
H:\Program Files\Common Files\{683AD889-07D9-1033-0310-051124040001}\services.dll -> Adware.Softomate : Cleaned with backup (quarantined).
H:\Program Files\Common Files\{683AD889-07D9-1033-0310-051124040001}\system.dll -> Adware.Softomate : Cleaned with backup (quarantined).
H:\VundoFix Backups\urqpqpp.dll.bad -> Adware.Virtumonde : Cleaned with backup (quarantined).
H:\System Volume Information\_restore{B7F53A72-D69C-4BEE-9E7E-42E3638BFA84}\RP473\A0113967.exe -> Dropper.DollarR.b : Cleaned with backup (quarantined).
H:\john-16\run\john-k6.zip/john.exe -> Not-A-Virus.HackTool.Win32.John : Cleaned with backup (quarantined).
H:\john-16\run\john-mmx.zip/john.exe -> Not-A-Virus.HackTool.Win32.John : Cleaned with backup (quarantined).
H:\john-16\run\john.exe -> Not-A-Virus.HackTool.Win32.John : Cleaned with backup (quarantined).
H:\LCP\Data\pwdump2-orig\samdump.dll -> Not-A-Virus.PSWTool.Win32.PWDump.2 : Cleaned with backup (quarantined).
H:\Documents and Settings\Administrator\My Documents\pwdump.exe -> Not-A-Virus.PSWTool.Win32.PWDump.b : Cleaned with backup (quarantined).
H:\LCP\Data\pwdump3\pwservice.exe -> Not-A-Virus.PSWTool.Win32.PWDump3 : Cleaned with backup (quarantined).
H:\LCP\Data\pwdump3e\pwservice.exe -> Not-A-Virus.PSWTool.Win32.PWDump3 : Cleaned with backup (quarantined).
:mozilla.100:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.120:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.121:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.123:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.446:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.447:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.448:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.449:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.450:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.451:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.452:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.453:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.454:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.455:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.456:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.457:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.458:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.459:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.460:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.461:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.462:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.463:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.464:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.465:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.466:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.467:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.468:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.469:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.470:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.471:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.472:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.473:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.474:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.475:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.476:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.477:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.478:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.479:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.480:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.481:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.482:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.483:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.484:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.485:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.486:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.487:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.488:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.489:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.490:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.491:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.492:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.493:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.494:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.495:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.499:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.522:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.597:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.691:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.77:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.780:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.83:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.84:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.85:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.86:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.87:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.88:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.90:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.91:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.93:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.96:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.98:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.99:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@abetterinternet[2].txt -> TrackingCookie.Abetterinternet : Cleaned.
:mozilla.564:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Ad-flow : Cleaned.
:mozilla.130:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.131:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.180:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.504:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.276:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.277:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.280:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.777:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.adobe[1].txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.260:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.261:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.262:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.266:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.267:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.268:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.490:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.491:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.492:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.493:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.494:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.32:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.45:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.51:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.52:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.55:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.56:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.576:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.577:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.578:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.61:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.644:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.645:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.709:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.710:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.36:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.37:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.38:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.39:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.40:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.431:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.432:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.433:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.434:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.435:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.436:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.437:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.438:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.439:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.440:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.441:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.442:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.443:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.444:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.445:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.446:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.447:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.448:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.449:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.450:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.451:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.452:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.453:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.454:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.455:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.456:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.457:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.458:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.459:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.460:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.461:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.462:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.463:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.464:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.465:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.466:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.467:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.468:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.469:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.470:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.471:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.472:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.473:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.474:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.475:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.476:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.477:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.478:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.479:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.480:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.43:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.62:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.306:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.307:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.308:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.309:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.310:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.311:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.312:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.313:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.171:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.333:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.113:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.378:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.263:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.264:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.265:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.377:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.379:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.314:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.661:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.662:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.663:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.664:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.665:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.667:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.69:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ads.guardian.co[1].txt -> TrackingCookie.Co : Cleaned.
:mozilla.148:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.149:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.150:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.387:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.391:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@download.com[2].txt -> TrackingCookie.Com : Cleaned.
:mozilla.372:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Commission-junction : Cleaned.
:mozilla.373:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Commission-junction : Cleaned.
:mozilla.158:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.593:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.34:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.73:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.194:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.634:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.635:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.636:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.640:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.684:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.687:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.688:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.783:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@-1shz2prbmdj6wvny-1sez2pra2dj6wjkoalazglpw-1dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@-1shz2prbmdj6wvny-1sez2pra2dj6wjl4cocpglow-1dj6x9ny-1seq-2-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@-1shz2prbmdj6wvny-1sez2pra2dj6wjny-1sczekoqqdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkiagd5afogydj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkosodjskpgydj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wfkyakajsdqqmdj6x9ny-1seq-2-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkogocjokpgmdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkowmcjmgqaqdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkyahdzefqa2dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkygnazckoqidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkykhczelpawdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkyshcpiaoaudj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjkysmcpsdpgidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl4qmczokowudj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlochajcdqqwdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlocjazofog2dj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlyepajchowqdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjlyggdjshogsdj6x9ny-1seq-2-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjmyemdjafogidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyoiczkbpgmdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyojc5skpqwdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnyumazwaqqidj6x9ny-1seq-2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@estat[1].txt -> TrackingCookie.Estat : Cleaned.
:mozilla.11:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.202:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.296:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.297:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.298:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.299:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.300:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.301:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.302:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.303:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.304:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.305:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.37:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.38:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.397:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.39:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.552:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.553:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.554:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.121:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.122:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.44:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.57:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.58:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.59:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.60:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@hit.gemius[2].txt -> TrackingCookie.Gemius : Cleaned.
:mozilla.763:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.767:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.768:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.770:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.106:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.107:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.262:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.263:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.264:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.266:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.267:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.268:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.270:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.289:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.429:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.430:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.439:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.442:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.496:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.497:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.498:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.498:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.499:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.500:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.506:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.523:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.586:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.587:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.651:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.670:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.671:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.673:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.732:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.746:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.624:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.625:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.626:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.627:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.759:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.760:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.761:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.762:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.16:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.549:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.285:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.286:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.569:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.570:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.500:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Intelli-direct : Cleaned.
:mozilla.701:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Kmpads : Cleaned.
:mozilla.702:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Kmpads : Cleaned.
:mozilla.138:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.141:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.678:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.679:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.680:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.335:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.336:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.337:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.611:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.612:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.714:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.715:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.716:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@sterling.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.15:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.32:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.33:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.177:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.383:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.384:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.385:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.588:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.589:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.590:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.322:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.361:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.413:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.414:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.415:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.669:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.250:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.292:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.paypal[2].txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.669:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.670:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.677:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.678:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.679:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.68:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.69:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.70:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.71:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.193:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.194:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.375:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.376:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.386:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.63:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.64:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.65:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\obimxa7v.slt\cookies.txt -> TrackingCookie.Real : Cleaned.
:mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\obimxa7v.slt\cookies.txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@real[1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@realguide.real[2].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned.
:mozilla.74:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.75:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.76:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.77:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.78:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.79:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.80:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.81:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.82:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.83:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.84:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.85:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.86:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.87:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.808:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.152:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.153:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.155:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.156:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.157:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.159:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.160:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.161:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.162:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.163:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.164:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.165:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.166:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.167:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.168:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.169:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.170:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.178:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.323:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.324:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.325:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.332:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.333:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.334:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.335:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.336:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.337:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.351:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.352:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.353:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.354:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.377:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.772:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@specificpop[1].txt -> TrackingCookie.Specificpop : Cleaned.
:mozilla.15:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.745:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.195:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.196:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.197:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.198:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.199:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.200:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.201:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.202:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.203:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.204:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.204:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.205:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.205:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.206:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.206:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.207:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.207:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.208:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.208:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.209:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.209:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.210:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.210:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.211:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.211:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.212:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.212:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.213:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.213:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.214:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.214:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.215:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.215:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.216:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.216:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.217:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.217:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.218:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.218:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.219:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.219:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.220:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.220:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.221:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.221:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.222:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.222:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.223:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.223:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.224:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.224:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.225:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.225:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.226:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.226:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.227:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.227:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.228:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.228:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.229:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.229:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.230:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.230:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.231:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.231:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.232:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.232:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.233:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.233:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.234:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.234:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.235:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.235:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.236:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.236:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.237:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.237:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.238:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.238:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.239:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.239:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.240:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.240:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.241:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.241:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.242:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.242:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.243:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.243:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.244:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.244:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.245:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.246:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.247:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.248:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.249:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.250:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.251:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.252:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.253:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.346:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.347:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.807:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
:mozilla.255:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.256:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.257:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@trafic[1].txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.145:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Phoenix\Profiles\default\fwpi1cjk.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.392:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.393:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.394:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.395:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.396:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.397:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.398:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.399:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.400:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.604:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.605:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.256:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.258:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.259:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.260:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@webstat[2].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.652:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.358:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.362:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.363:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.656:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@ads.x10[2].txt -> TrackingCookie.X10 : Cleaned.
:mozilla.17:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.332:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.134:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.135:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.136:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.137:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.138:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.139:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Local Settings\Temp\Cookies\administrator@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.357:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.358:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.359:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.515:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.516:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.517:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.518:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.519:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.gae\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.612:C:\Virtual\Untrusted\H_\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\d7ehwwu7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Administrator\Application Data\Opera\Opera75\profile\cache4\opr022GK.html -> Trojan.NoClose.i : Cleaned with backup (quarantined).


::Report end

Fresh HijackThis! Log
Logfile of HijackThis v1.99.1
Scan saved at 11:00:28 PM, on 6/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Sygate\SPF\smc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
H:\Program Files\Alias\Maya6.5\docs\wrapper.exe
H:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
H:\Program Files\Alias\Maya6.5\docs\jre\bin\java.exe
H:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\Tablet.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\CTHELPER.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
H:\Program Files\Google\Gmail Notifier\gnotify.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
H:\Program Files\Microsoft IntelliType Pro\type32.exe
H:\Program Files\Microsoft IntelliPoint\point32.exe
H:\Program Files\WinFast\WFTVFM\WFWIZ.exe
H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
H:\WINDOWS\system32\WTablet\TabUserW.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\WINDOWS\system32\NOTEPAD.EXE
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Documents and Settings\Administrator\Desktop\HijackThis\Scanner.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.175.37.8:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - H:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O4 - HKLM\..\Run: [NVMixerTray] "H:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SmcService] H:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "H:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] H:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "H:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "H:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "H:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] H:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] H:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [type32] "H:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "H:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [WinFast Schedule] H:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BufferZone] "H:\Program Files\BufferZone\CLIENTGUI.EXE" /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Startup: Konfabulator.lnk.disabled
O4 - Startup: Xfire.lnk.disabled
O4 - Startup: Yahoo! Widget Engine.lnk.disabled
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = H:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://H:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - H:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - H:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary/Upwords.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O18 - Protocol: bw+0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "H:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {32F8BBCB-2B09-40FA-BB9A-14CEDFC1A6CB} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - H:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - H:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - H:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: app_filter - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BufferZone Service (BufferZoneSvc) - Unknown owner - H:\Program Files\BufferZone\ClntSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Maya 6.5 Documentation Server (maya65docserver) - Unknown owner - H:\Program Files\Alias\Maya6.5\docs\wrapper.exe" -s "H:\Program Files\Alias\Maya6.5\docs\Wrapper.conf (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - H:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - H:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - H:\WINDOWS\system32\Tablet.exe


#14 Mr_JAk3

Mr_JAk3

    HJT Team Member


  • Members
  • 527 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:03:29 PM

Posted 03 June 2007 - 08:41 AM

Hello :thumbsup:

H:\john-16\run\john-k6.zip/john.exe -> Not-A-Virus.HackTool.Win32.John : Cleaned with backup (quarantined).
H:\john-16\run\john-mmx.zip/john.exe -> Not-A-Virus.HackTool.Win32.John : Cleaned with backup (quarantined).
H:\john-16\run\john.exe -> Not-A-Virus.HackTool.Win32.John : Cleaned with backup (quarantined).
H:\LCP\Data\pwdump2-orig\samdump.dll -> Not-A-Virus.PSWTool.Win32.PWDump.2 : Cleaned with backup (quarantined).
H:\Documents and Settings\Administrator\My Documents\pwdump.exe -> Not-A-Virus.PSWTool.Win32.PWDump.b : Cleaned with backup (quarantined).
H:\LCP\Data\pwdump3\pwservice.exe -> Not-A-Virus.PSWTool.Win32.PWDump3 : Cleaned with backup (quarantined).
H:\LCP\Data\pwdump3e\pwservice.exe -> Not-A-Virus.PSWTool.Win32.PWDump3 : Cleaned with backup (quarantined).

You have installed those?

1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
UNITE & ASAP member since 2006
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users