Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Take A Look.


  • This topic is locked This topic is locked
18 replies to this topic

#1 TheGonK

TheGonK

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Location:Singapore
  • Local time:10:04 AM

Posted 07 February 2007 - 09:33 PM

Hi, whenever I start windows I get an error message saying that windows cannot find taskmgr.exe.
Thanks for your help.

Logfile of HijackThis v1.99.1
Scan saved at 10:26:55 AM, on 2/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgwb.dat
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.762\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.np.edu.sg/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=localhost:8080;gopher=localhost:8080;http=localhost:8080;https=localhost:8080;socks=localhost:1080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] D:\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\\PkgMgr.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2B866353-E598-4403-8E4D-B871AB30DC55} (Speed Class) - http://www.pacific.net.sg/articles/files/1...file21ra4mh.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://npsdmail1.np.edu.sg/iNotes6W.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase9602.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1154162423085
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = npstd.npnet.np.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = npstd.npnet.np.edu.sg
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FFFCA94-E610-47C7-B989-89606CDBA41F}: NameServer = 192.169.34.181,203.120.90.40
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = npstd.npnet.np.edu.sg
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = npstd.npnet.np.edu.sg
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: QConGina - C:\WINDOWS\SYSTEM32\QConGina.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 08 February 2007 - 05:28 AM

Welcome TheGonk :thumbsup:

You are using Download Accelerator Plus - DAP.
Be informed that it delivers popup/popunder ads,and tracks your internet usage.
You can find safer alternatives here: SpywareInfo 'Software Recommendations':
http://www.spywareinfo.com/downloads.php?cat=dlman#dlman
I strongly suggest to remove this program.
If you agree, go to Start > Control Panel > Add/Remove Programs and remove 'Download Accelerator' Plus if present,then reboot.

=====================

Please download/install AVG Anti-Spyware 7.5.

Please follow these instructions carefully.
Launch/start up AVG Anti-Spyware.
On the main page click the 'Update' tab,and then 'Start Update'.
Once the updates have been installed,do the following:
Select the 'Scanner' icon at the top of the screen, then select the 'Settings' tab.
Once in the 'Settings' screen,under 'How to act?',then under 'Set default action for detected malware to:', click on 'Recommended actions',then click on 'Quarantine'.
Under 'Reports' select 'Automatically generate report after every scan' and unselect 'Only if threats were found'.
Exit AVG Anti-Spyware,don't run the scan just yet.

You might want to print/copy the following as you need to be in Safe Mode from here on.

Reboot your computer into SAFE MODE" using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)

Still in Safe Mode launch AVG Anti-Spyware.
Click the 'Scanner' icon at the top.
To start the scan click on 'Complete System Scan'.
Please be patient,it takes a while for the scan to finish.

Once the scan is complete,do the following.
If AVG Anti-Spyware detected any infected objects:,click on 'Apply All Actions'.
Next click on 'Save Report'.
Copy and paste that report into your next reply.
The report can be found under the 'Reports' tab at the top.
Close AVG Anti-Spyware when you've done.
Reboot normally.

=====================

Please run the F-Secure online virus/spyware scan using Internet Explorer:
http://support.f-secure.com/enu/home/ols3.shtml
Follow the directions in the F-Secure page for proper Installation.
Accept the License Agreement.
Once the ActiveX installs,Click ‘Custom Scan’ and be sure the following are checked:
1.Scan whole System
2.Scan all files
3.Scan whole system for rootkits
4.Scan whole system for spyware
5.Scan inside archives
6.Use advanced heuristics
Once the download completes,the scan will begin automatically.
The scan will take some time to finish,so please be patient.
When the scan completes, click the ‘I want to decide item by item’ button.
For each item found,Select ‘Disinfect’ and click ‘Next’.
Click the ‘Show Report’ button,then copy and paste the entire report into your next reply.
Also post the AVG Anti Spyware report,the F-Secure report, and a new Hijackthis log
Posted Image
Posted Image

#3 TheGonK

TheGonK
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Location:Singapore
  • Local time:10:04 AM

Posted 08 February 2007 - 05:36 AM

Thanks for your reply RichieUK. I have posted on another thread some error messages that I receive.

I have been getting these 2 error messages.

I get this message on startup.
Posted Image
and
I get this message when I double click on a hard drive on my computer. I can access the drive by the address bar though.
Posted Image

I did a hijack this and posted the log here
http://www.bleepingcomputer.com/forums/t/80668/please-take-a-look/


Help is greatly appreciated.



#4 TheGonK

TheGonK
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Location:Singapore
  • Local time:10:04 AM

Posted 09 February 2007 - 04:55 AM

These are the reports. Thanks for your help :thumbsup:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:57:02 PM 2/8/2007

+ Scan result:



D:\NeoRagex\NeoRageX v4.8.exe -> Backdoor.Sdbot : Cleaned.
:mozilla.880:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.881:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.10:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.11:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.133:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.18:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.19:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.315:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.34:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.35:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.37:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.38:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.882:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.883:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.884:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.885:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.886:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.887:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.888:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.889:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.890:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.891:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.892:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.893:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.894:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.895:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.896:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.897:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.898:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.899:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.900:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.901:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.902:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.903:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.904:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.905:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.906:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.907:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.908:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.909:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.910:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.911:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.912:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.913:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.914:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.915:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.916:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.9:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.55:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.58:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.636:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.743:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.744:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.745:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.746:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.102:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.103:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.104:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.105:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.52:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.930:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.931:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.100:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.60:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.61:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.62:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.63:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.64:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.65:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.66:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.67:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.68:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.69:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.70:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.71:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.72:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.73:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.74:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.75:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.76:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.77:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.78:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.79:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.80:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.81:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.82:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.83:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.84:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.85:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.86:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.87:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.88:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.89:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.90:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.91:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.92:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.93:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.94:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.95:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.96:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.97:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.98:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.99:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.101:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.166:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.195:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.581:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.582:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.104:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.156:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.157:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.44:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.45:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.109:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.110:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.111:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.112:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.113:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.45:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.46:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.47:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.48:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.49:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.50:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.554:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.558:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Co : Cleaned.
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.134:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.135:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.236:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.237:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.238:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.239:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.240:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.241:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.631:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.30:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.44:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.28:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.396:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.397:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.398:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.65:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.57:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.181:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.390:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.115:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.116:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.120:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.121:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.122:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.254:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.531:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.125:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.126:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.639:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.640:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.641:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.140:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.141:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.142:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.143:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.51:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.926:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.927:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.928:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.929:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.172:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.372:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.376:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.377:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.622:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.623:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.385:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.172:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.173:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.190:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.191:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.192:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.193:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.194:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.351:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.352:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.353:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.354:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.355:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.356:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.409:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.410:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.411:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.412:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.617:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.618:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.648:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.923:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.431:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.137:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.138:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.140:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.141:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.142:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.149:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.151:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.152:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.153:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.154:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.182:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.155:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.158:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.445:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.446:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.67:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.68:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.69:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.153:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.154:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.475:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.476:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.395:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.477:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.106:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.481:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.160:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.169:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.20:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.21:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.22:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.23:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.24:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.25:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.26:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.27:C:\Documents and Settings\s10025547\Application Data\Mozilla\Firefox\Profiles\0f2wugmw.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.550:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.551:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.552:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5j8lgpyq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.75:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cryzpzpn.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end

Scanning Report
Friday, February 09, 2007 10:04:37 - 17:46:53

Computer name: S10025547
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\ D:\ E:\
Result: 2 malware found
Tracking Cookie (spyware)

* System (Disinfected)

iDonate.BHO (spyware)

* System (Disinfected)

Statistics
Scanned:

* Files: 1060279
* System: 6194
* Not scanned

#5 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 09 February 2007 - 05:03 AM

Warning:
If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breech.

==============

Please download Combofix and save to the desktop:
http://download.bleepingcomputer.com/sUBs/combofix.exe
http://www.techsupportforum.com/sectools/combofix.exe
Note:
It is important that it is saved directly to your desktop

Close any open browsers.
Double click on combofix.exe & follow the prompts.
When finished, it will produce a log.
Post the C:\ComboFix.txt in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running.
That may cause the program to freeze/hang.


Reboot,post the C:\ComboFix.txt,and a new Hijackthis log in your next reply.
Also let me know how your pc is running now.
Posted Image
Posted Image

#6 TheGonK

TheGonK
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Location:Singapore
  • Local time:10:04 AM

Posted 09 February 2007 - 09:09 AM

Thanks for your help RichieUK :thumbsup: . I have changed the necessary passwords and I still get those error messages.

"Administrator" - 07-02-09 21:32:12 Service Pack 2
ComboFix 07-02-07 - Running from: "C:\Program Files\Mozilla Firefox"

((((((((((((((((((((((((((((((( Files Created from 2007-01-09 to 2007-02-09 ))))))))))))))))))))))))))))))))))


2007-02-08 18:42 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-02-07 23:03 <DIR> dr-h----- C:\$VAULT$.AVG
2007-02-07 22:39 12,288,436 --------- C:\AVG7QT.DAT
2007-02-07 22:38 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Application Data\AVG7
2007-02-07 22:37 839,936 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2007-02-07 22:37 4,960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2007-02-07 22:37 4,224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2007-02-07 22:37 3,968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2007-02-07 22:37 27,776 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2007-02-07 22:37 18,432 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2007-02-07 22:37 <DIR> d-------- C:\Program Files\Grisoft
2007-02-07 22:37 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Application Data\AVG7
2007-02-07 22:37 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Grisoft
2007-02-07 22:37 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\avg7
2007-01-24 13:17 <DIR> d-------- C:\Program Files\LClock
2007-01-22 16:29 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-01-19 12:53 51,056 --a------ C:\WINDOWS\system32\sirenacm.dll
2007-01-18 23:29 <DIR> d-------- C:\Program Files\Microsoft Bootvis
2007-01-12 10:35 <DIR> d-------- C:\Program Files\Opera
2007-01-11 13:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Adobe
2007-01-11 11:46 <DIR> d-------- C:\WINDOWS\pss
2007-01-11 11:38 <DIR> d-------- C:\WINDOWS\ie7updates


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-02-09 21:39 -------- d-------- C:\Program Files\mozilla firefox
2007-02-07 22:37 -------- d---s---- C:\DOCUME~1\ADMINI~1\Application Data\microsoft
2007-02-07 20:13 -------- d-------- C:\Program Files\msn messenger
2007-02-07 13:50 -------- d-------- C:\Program Files\spywareblaster
2007-01-23 23:34 -------- d-------- C:\DOCUME~1\ADMINI~1\Application Data\hamachi
2007-01-21 21:32 17480 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2007-01-20 10:03 -------- d-------- C:\DOCUME~1\ADMINI~1\Application Data\utorrent
2007-01-11 13:07 -------- d-------- C:\DOCUME~1\ADMINI~1\Application Data\adobeum
2007-01-03 20:22 -------- d-------- C:\Program Files\winamp
2007-01-01 13:46 -------- d-------- C:\Program Files\java
2007-01-01 13:45 -------- d-------- C:\DOCUME~1\ADMINI~1\Application Data\azureus
2006-12-26 14:08 -------- d-------- C:\Program Files\trustix
2006-12-26 14:06 -------- d-------- C:\DOCUME~1\ADMINI~1\Application Data\comodo
2006-12-26 11:24 -------- d-------- C:\Program Files\daemon tools
2006-12-23 12:50 -------- d--h----- C:\Program Files\installshield installation information
2006-12-23 12:46 -------- d-------- C:\Program Files\ubisoft
2006-12-21 17:50 -------- d-------- C:\Program Files\ubi soft
2006-12-20 16:20 639224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-12-20 13:50 -------- d-------- C:\Program Files\hamachi
2006-12-13 21:03 -------- d-------- C:\DOCUME~1\ADMINI~1\Application Data\dmcache
2006-12-12 18:03 -------- d-------- C:\DOCUME~1\ADMINI~1\Application Data\crystalspace
2006-12-12 18:03 -------- d-------- C:\DOCUME~1\ADMINI~1\Application Data\crystalapp
2006-12-11 15:23 -------- d-------- C:\Program Files\divx
2006-12-09 20:05 -------- d-------- C:\Program Files\creative
2006-12-04 22:50 402030 --a------ C:\WINDOWS\war3unin.dat
2006-12-04 22:46 2829 --a------ C:\WINDOWS\war3unin.pif
2006-12-04 22:46 139264 --a------ C:\WINDOWS\war3unin.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Creative Detector"="D:\\Creative\\MediaSource\\Detector\\CTDetect.exe /R"
"Steam"=""
"LClock"="C:\\Program Files\\LClock\\LClock.exe"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AutorunsDisabled]
"ibmmessages"="C:\\Program Files\\IBM\\Messages By IBM\\ibmmessages.exe"
"MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\" /WinStart"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"S3TRAY2"="S3Tray2.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"TPKMAPHELPER"="C:\\Program Files\\ThinkPad\\Utilities\\TpKmapAp.exe -helper"
"TpShocks"="TpShocks.exe"
"TPHOTKEY"="C:\\PROGRA~1\\ThinkPad\\PkgMgr\\HOTKEY\\TPHKMGR.exe"
"TP4EX"="tp4ex.exe"
"UC_SMB"=""
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
@=""
"BMMLREF"="C:\\Program Files\\ThinkPad\\Utilities\\BMMLREF.EXE"
"BMMMONWND"="rundll32.exe C:\\PROGRA~1\\ThinkPad\\UTILIT~1\\BatInfEx.dll,BMMAutonomicMonitor"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\AutorunsDisabled]
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"EZEJMNAP"="C:\\PROGRA~1\\ThinkPad\\UTILIT~1\\EzEjMnAp.Exe"
"ibmmessages"="C:\\Program Files\\IBM\\Messages By IBM\\\\ibmmessages.exe"
"IMEKRMIG6.1"="C:\\WINDOWS\\ime\\imkr6_1\\IMEKRMIG.EXE"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PCSuiteTrayApplication"="C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"QCWLICON"="C:\\Program Files\\ThinkPad\\ConnectUtilities\\QCWLICON.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Synchronization Manager"="%SystemRoot%\\system32\\mobsync.exe /logon"
"UC_Start"="C:\\Program Files\\IBM\\Updater\\\\ucstartup.exe"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"Task"="C:\\DOCUME~1\\ADMINI~1\\taskmgr.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\QConGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46cd5b70-b305-11d9-9f26-0012f01842cc}]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Boot.exe e
Shell\Open\command I:\Boot.exe e

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3d419c0-a6be-11db-bbea-0012f01842cc}]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Setup.pif

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{afd01d41-e549-11da-b9d7-0012f01842cc}]
Shell\Auto\command AdobeR.exe e
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0a1e247-641e-11db-bafd-0012f01842cc}]
Shell\Auto\command AdobeR.exe e
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fbb319f0-ace5-11db-bbff-0012f01842cc}]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Boot.exe e
Shell\Open\command G:\Boot.exe e


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\BMMTask.job


********************************************************************

catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-02-09 21:46:26


Logfile of HijackThis v1.99.1
Scan saved at 10:05:19 PM, on 2/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.046\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=localhost:8080;gopher=localhost:8080;http=localhost:8080;https=localhost:8080;socks=localhost:1080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] D:\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2B866353-E598-4403-8E4D-B871AB30DC55} (Speed Class) - http://www.pacific.net.sg/articles/files/1...file21ra4mh.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://npsdmail1.np.edu.sg/iNotes6W.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase9602.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1154162423085
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = npstd.npnet.np.edu.sg
O17 - HKLM\Software\..\Telephony: DomainName = npstd.npnet.np.edu.sg
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FFFCA94-E610-47C7-B989-89606CDBA41F}: NameServer = 192.169.34.181,203.120.90.40
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = npstd.npnet.np.edu.sg
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = npstd.npnet.np.edu.sg
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: QConGina - C:\WINDOWS\SYSTEM32\QConGina.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

#7 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 09 February 2007 - 09:37 AM

Copy and paste the following bold blue text below into Notepad.
Click on File(in the menu at the top)>Save as..Save as Type: 'All Files' File name: fix.reg to your desktop.
Then double click on the fix.reg file on your desktop and agree to merge it into the registry,then reboot.
==============================================
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"Task"=-

==============================================

Download NGenFix:
http://download.norman.no/public/NGenFix.exe
Disconnect from the internet,close any running programs.
Disable your current antivirus program (don't forget to re-enable it once this scan has finished).
Double click on the NGenFix icon on your desktop.
There's no need to change any of the preconfigured scan selections in the top window [Scan areas].
Click on the 'Start scan' button.
Allow the scan to run until it's finished,don't cancel it,your pc will reboot if you do.
Restart your pc when it's finished.

==================

If you have the MS Windows XP install disk.
Click Start>Run,type sfc /scannow then press Ok.
Leave a space in between sfc and /scannow
Reboot when you've done.

Reboot when you've done,let me know whats happening now please.
Posted Image
Posted Image

#8 TheGonK

TheGonK
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Location:Singapore
  • Local time:10:04 AM

Posted 09 February 2007 - 11:18 PM

I followed what you've said but I still have the error messages.

Norman Generic Fix
Copyright © 1990 - 2007, Norman ASA. Built 2007/02/06 22:31:36

Norman Scanner Engine Version: 5.90.30
Nvcbin.def Version: 5.90.00, Date: 2007/02/06 22:31:36, Variants: 202204
Nvcmacro.def Version: 5.90.00, Date: 2007/02/06 22:31:36, Variants: 12
Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 2
Logged on user: S10025547\Administrator

Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableRegistryTools = 0x00000000




Scanning running processes and process memory...

Number of processes/threads found: 2057
Number of processes/threads scanned: 2056
Number of processes/threads not scanned: 1
Number of infected processes/threads terminated: 0
Total scanning time: 25s


Scanning file system...

Scanning: C:\*.*

Scanning: D:\*.*

Scanning: E:\*.*


Running post-scan cleanup routine:


Number of files found: 150190
Number of archives unpacked: 0
Number of files scanned: 150132
Number of files not scanned: 58
Number of files skipped due to exclude list: 0
Number of infected files found: 0
Number of infected files repaired/deleted: 0
Number of infections removed: 0
Total scanning time: 37m 44s

Edited by TheGonK, 10 February 2007 - 12:48 AM.


#9 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 10 February 2007 - 05:10 AM

Download Registry Search Tool:
http://billsway.com/vbspage/
Unzip the contents of RegSrch.zip to a convenient location.
Double-click on RegSrch.vbs
If you have an anti-virus installed it might prompt you about a running script.
Please ignore this warning and allow the script to run.
In the "Enter search string (case insensitive) and click OK..." box, paste in the following below:
taskmgr.exe
Click "OK" to search the registry for that string.
Wait for a few minutes while it completes the search.
Click "OK" to open the results in WordPad.
Copy and paste the entire results into your next reply.
Posted Image
Posted Image

#10 TheGonK

TheGonK
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Location:Singapore
  • Local time:10:04 AM

Posted 10 February 2007 - 08:25 AM

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "taskmgr.exe" 2/10/2007 9:20:50 PM

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\MUILanguages\RCV2\taskmgr.exe]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Nls\MUILanguages\RCV2\taskmgr.exe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\taskmgr.exe]

[HKEY_USERS\S-1-5-21-4264649163-3238835185-2771580065-500\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="C:\\WINDOWS\\Explorer.exe C:\\DOCUME~1\\ADMINI~1\\taskmgr.exe"

Thank you once again :thumbsup:

#11 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 10 February 2007 - 09:35 AM

Copy and paste the following bold blue text below into Notepad.
Click on File(in the menu at the top)>Save as..Save as Type: 'All Files' File name: fix.reg to your desktop.
Then double click on the fix.reg file on your desktop and agree to merge it into the registry,then reboot.
==============================================
Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-4264649163-3238835185-2771580065-500\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="C:\\WINDOWS\\Explorer.exe"

==============================================


Download and cleanup the registry using the last freeware version of JV16 PowerTools:
http://www.oldversion.com/download.php?idl...ecc80fd9d36f9c1
Let me know how you get on please.

Edited by RichieUK, 10 February 2007 - 09:49 AM.

Posted Image
Posted Image

#12 TheGonK

TheGonK
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Location:Singapore
  • Local time:10:04 AM

Posted 11 February 2007 - 03:32 AM

I followed your instructions and now I do not have the taskmgr error message but I still have the boot.exe error message

#13 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 11 February 2007 - 09:44 AM

I get this message when I double click on a hard drive on my computer. I can access the drive by the address bar though.


Would that be when clicking on drives G:\ or I:\
Posted Image
Posted Image

#14 TheGonK

TheGonK
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Location:Singapore
  • Local time:10:04 AM

Posted 11 February 2007 - 09:00 PM

That would be clicking on drive E:\, a partition of my hard drive.

#15 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 11 February 2007 - 09:06 PM

Copy and paste the following bold blue text below into Notepad.
Click on File(in the menu at the top)>Save as..Save as Type: 'All Files' File name: fix.reg to your desktop.
Then double click on the fix.reg file on your desktop and agree to merge it into the registry,then reboot.
==============================================
Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46cd5b70-b305-11d9-9f26-0012f01842cc}\Shell]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fbb319f0-ace5-11db-bbff-0012f01842cc}\Shell]

==============================================
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users