 |
 |
| Reply to guy who needs help |
| 
efekt101
New Member
Date Joined Feb 2008
Total Posts : 36
| Posted 7-7-2008 12:12 (GMT +2) |   | when i run lspfix webhandler not in there no more. i ran adaware and the superantispyware u told me to dl. heres new hijack log but i know my computer is still very infected. it keeps going to blue screen and says my computer is very infected.
aLogfile of HijackThis v1.99.1
Scan saved at 3:10:35 PM, on 7/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\uoyzsydz.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Application Data\fmdilwru\xwdgbmrq.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\gearsec.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\sfsnsrox.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\uoyzsydz.exe,
O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)
O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)
O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)
O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)
O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)
O2 - BHO: (no name) - {467faeb2-5f5b-4c81-bae0-2a4752ca7f4e} - (no file)
O2 - BHO: (no name) - {5321e378-ffad-4999-8c62-03ca8155f0b3} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {587dbf2d-9145-4c9e-92c2-1f953da73773} - (no file)
O2 - BHO: (no name) - {6cc1c91a-ae8b-4373-a5b4-28ba1851e39a} - (no file)
O2 - BHO: (no name) - {79369d5c-2903-4b7a-ade2-d5e0dee14d24} - (no file)
O2 - BHO: (no name) - {799a370d-5993-4887-9df7-0a4756a77d00} - (no file)
O2 - BHO: (no name) - {98dbbf16-ca43-4c33-be80-99e6694468a4} - (no file)
O2 - BHO: (no name) - {a55581dc-2cdb-4089-8878-71a080b22342} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {b847676d-72ac-4393-bfff-43a1eb979352} - (no file)
O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)
O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)
O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)
O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)
O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)
O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [SMrhc36oj0eedv] C:\Program Files\rhc36oj0eedv\rhc36oj0eedv.exe
O4 - HKLM\..\Run: [{39ed34db-d875-a077-10eb-13fb0d2c27ea}] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\xkjmglcpnkhyjwb.dll" DllStart
O4 - HKLM\..\Run: [lphc76oj0eedv] C:\WINDOWS\system32\lphc76oj0eedv.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [bzfuqspe] C:\WINDOWS\system32\bwbgtmvo.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Microsoft Windows Installer] C:\Documents and Settings\Owner\Application Data\Microsoft\dtsc\21798.exe
O4 - HKCU\..\Run: [ieoodjwv] C:\WINDOWS\system32\sfsnsrox.exe
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\lcntmkdn.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jlwnw64n.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: ComHlp - {59F18BC1-178F-1E26-FAC0-03821CB3454F} - C:\Program Files\nvtkmz\ComHlp.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Plug and Play (RPC) (PlugPlayRPC) - Unknown owner - C:\WINDOWS\portsv.exe (file missing)
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe | | Back to Top | | |
|
efekt101
New Member
Date Joined Feb 2008
Total Posts : 36
| Posted 7-7-2008 10:59 (GMT +2) | | combo logg
ComboFix 08-07-05.1 - Owner 2008-07-07 1:37:42.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.264 [GMT -7:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\Owner\Application Data\Microsoft\dtsc
C:\Documents and Settings\Owner\Application Data\Microsoft\dtsc\s
C:\Documents and Settings\Owner\Application Data\rhc36oj0eedv
C:\Program Files\RcvSystem
C:\Program Files\RcvSystem\httpdchk.dll
C:\Program Files\rhc36oj0eedv
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\temp\tn3
C:\WINDOWS\444.471
C:\WINDOWS\accesss.exe
C:\WINDOWS\astctl32.ocx
C:\WINDOWS\avpcc.dll
C:\WINDOWS\BM3fe4dd61.txt
C:\WINDOWS\clrssn.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\cpan.dll
C:\WINDOWS\ctfmon32.exe
C:\WINDOWS\ctrlpan.dll
C:\WINDOWS\default.htm
C:\WINDOWS\directx32.exe
C:\WINDOWS\dnsrelay.dll
C:\WINDOWS\editpad.exe
C:\WINDOWS\explore.exe
C:\WINDOWS\explorer32.exe
C:\WINDOWS\funniest.exe
C:\WINDOWS\funny.exe
C:\WINDOWS\gfmnaaa.dll
C:\WINDOWS\helpcvs.exe
C:\WINDOWS\IA
C:\WINDOWS\IA\asappsrv.dll
C:\WINDOWS\IA\command.exe
C:\WINDOWS\IA\KE.vbs
C:\WINDOWS\iedll.exe
C:\WINDOWS\iexplorer.exe
C:\WINDOWS\inetinf.exe
C:\WINDOWS\internet.exe
C:\WINDOWS\lfn.exe
C:\WINDOWS\loader.exe
C:\WINDOWS\mainms.vpi
C:\WINDOWS\megavid.cdt
C:\WINDOWS\msconfd.dll
C:\WINDOWS\msspi.dll
C:\WINDOWS\mssys.exe
C:\WINDOWS\msupdate.exe
C:\WINDOWS\mswsc10.dll
C:\WINDOWS\mswsc20.dll
C:\WINDOWS\mtwirl32.dll
C:\WINDOWS\muotr.so
C:\WINDOWS\notepad32.exe
C:\WINDOWS\olehelp.exe
C:\WINDOWS\pskt.ini
C:\WINDOWS\qttasks.exe
C:\WINDOWS\quicken.exe
C:\WINDOWS\rundll16.exe
C:\WINDOWS\rundll32.vbe
C:\WINDOWS\searchword.dll
C:\WINDOWS\sistem.exe
C:\WINDOWS\svchost32.exe
C:\WINDOWS\svcinit.exe
C:\WINDOWS\systeem.exe
C:\WINDOWS\system32\blphc76oj0eedv.scr
C:\WINDOWS\system32\hljwugsf.bin
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\systemcritical.exe
C:\WINDOWS\time.exe
C:\WINDOWS\users32.exe
C:\WINDOWS\waol.exe
C:\WINDOWS\win32e.exe
C:\WINDOWS\win64.exe
C:\WINDOWS\winajbm.dll
C:\WINDOWS\window.exe
C:\WINDOWS\winmgnt.exe
C:\WINDOWS\x.exe
C:\WINDOWS\xplugin.dll
C:\WINDOWS\xxxvideo.hta
C:\WINDOWS\y.exe
.
---- Previous Run -------
.
C:\WINDOWS\pskt.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MSSECURITY1.209.4
((((((((((((((((((((((((( Files Created from 2008-06-07 to 2008-07-07 )))))))))))))))))))))))))))))))
.
2008-07-05 22:35 . 2008-07-05 22:35 <DIR> d-------- C:\Program Files\Lavasoft
2008-07-05 21:00 . 2008-07-05 22:25 <DIR> d-------- C:\WINDOWS\system32\2210
2008-07-05 20:50 . 2008-07-05 20:50 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Aim
2008-07-05 20:04 . 2006-08-21 02:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-07-05 20:04 . 2006-08-21 02:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-07-05 20:04 . 2006-08-21 05:21 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-07-05 19:32 . 2008-07-05 19:32 <DIR> d-------- C:\WINDOWS\system32\olixds06
2008-07-05 19:32 . 2008-07-05 19:32 <DIR> d-------- C:\temp\stmpv4
2008-07-05 19:32 . 2008-07-05 19:32 64,317 --a------ C:\WINDOWS\system32\fuauagmsbvkpkmisi.exe
2008-07-05 19:31 . 2008-07-05 19:31 <DIR> d-------- C:\Program Files\nvtkmz
2008-07-05 19:31 . 2008-07-06 01:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\uTorrent
2008-07-05 19:31 . 2008-07-05 19:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\fmdilwru
2008-07-05 19:31 . 2008-07-05 19:31 63,909 --a------ C:\WINDOWS\system32\{f3a67f7d-8840-6ac1-4327-da3bb4a516b7}.dll-uninst.exe
2008-07-05 19:30 . 2008-07-05 19:31 <DIR> d-------- C:\Program Files\uTorrent
2008-07-05 19:30 . 2008-07-05 19:30 89,561 --a------ C:\WINDOWS\system32\uoyzsydz.exe
2008-07-05 17:15 . 2008-06-13 06:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-05 17:14 . 2007-07-09 06:09 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-07-05 17:04 . 2006-06-14 01:47 172,416 -----c--- C:\WINDOWS\system32\dllcache\kmixer.sys
2008-07-05 17:04 . 2006-06-14 02:00 82,944 -----c--- C:\WINDOWS\system32\dllcache\wdmaud.sys
2008-07-05 17:04 . 2006-06-14 01:47 6,400 -----c--- C:\WINDOWS\system32\dllcache\splitter.sys
2008-07-04 22:08 . 2008-07-04 22:08 32,768 --a------ C:\WINDOWS\system32\olixds06\olixds061083.exe
2008-07-03 10:07 . 2008-07-03 10:07 <DIR> d-------- C:\Program Files\MagicISO
2008-07-02 21:04 . 2008-07-02 21:04 <DIR> d-------- C:\Program Files\D-Tools
2008-07-02 21:04 . 2004-08-22 16:31 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys
2008-07-02 21:04 . 2004-08-22 16:31 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys
2008-07-01 22:09 . 2008-07-01 22:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-07-01 22:08 . 2008-07-04 14:10 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Azureus
2008-07-01 22:04 . 2008-07-01 22:05 <DIR> d-------- C:\Program Files\Vuze
2008-07-01 21:55 . 2008-07-02 05:16 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-01 01:37 . 2008-07-06 01:49 <DIR> d-------- C:\Program Files\Warcraft III
2008-06-26 01:36 . 2004-08-20 15:50 159,744 --a------ C:\WINDOWS\system32\igfxres.dll
2008-06-26 00:06 . 2004-08-03 23:15 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-06-26 00:06 . 2004-08-03 23:07 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2008-06-24 16:43 . 2008-06-24 16:43 <DIR> d-------- C:\Program Files\Common Files\INCA Shared
2008-06-24 16:43 . 2003-07-17 02:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
2008-06-24 16:43 . 2004-12-31 17:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2008-06-24 15:22 . 2008-06-24 15:22 <DIR> d-------- C:\Program Files\NHN USA
2008-06-24 15:22 . 2008-06-24 15:22 <DIR> d-------- C:\ijji
2008-06-24 15:22 . 2008-06-24 16:41 <DIR> d--h----- C:\Documents and Settings\Owner\Application Data\ijjigame
2008-06-24 15:22 . 2008-06-17 19:28 710,064 --a------ C:\WINDOWS\system32\ijjiSetup.exe
2008-06-24 15:22 . 2008-06-11 23:01 58,800 --a------ C:\WINDOWS\system32\ijjiPlugin2.dll
2008-06-22 20:24 . 2004-08-04 00:56 148,480 --------- C:\WINDOWS\system32\wscui.cpl
2008-06-22 20:24 . 2004-08-04 00:56 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2008-06-22 20:24 . 2004-08-04 00:56 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2008-06-22 20:24 . 2004-08-04 00:56 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2008-06-22 20:24 . 2004-08-04 00:56 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2008-06-22 20:24 . 2004-08-04 00:56 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2008-06-22 20:22 . 2004-08-03 22:41 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys
2008-06-22 20:21 . 2004-08-04 00:56 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2008-06-22 20:20 . 2004-08-04 00:56 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2008-06-22 20:19 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-06-22 20:18 . 2008-06-13 06:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-22 20:17 . 2004-08-04 00:56 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2008-06-22 16:58 . 2005-10-20 15:20 1,082,368 --a------ C:\WINDOWS\system32\esent.dll
2008-06-22 16:04 . 2008-06-22 16:04 <DIR> d-------- C:\WINDOWS\system32\bits
2008-06-22 16:03 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-22 15:33 . 2004-08-04 00:56 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2008-06-22 15:33 . 2004-08-04 00:56 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-06-22 15:33 . 2004-08-04 00:56 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-06-22 15:33 . 2004-08-04 00:56 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-06-22 15:24 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-06-22 15:24 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-06-22 15:24 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-06-22 15:24 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-06-22 15:24 . 2004-08-03 14:03 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-06-22 15:24 . 2004-08-03 14:01 167,704 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-06-22 15:24 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-06-22 12:22 . 2008-06-22 12:22 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-22 12:22 . 2008-06-22 12:22 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-18 18:06 . 2002-08-29 03:41 150,528 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-06-18 18:06 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-06-18 18:06 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-06-16 16:47 . 2004-08-04 00:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-16 16:45 . 2008-06-16 16:45 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2008-06-16 16:45 . 2008-06-22 12:22 9,533 --a------ C:\WINDOWS\system32\QuickTime.qtp
2008-06-16 13:46 . 2008-06-16 13:46 3,762 -rahs---- C:\WINDOWS\system32\drivers\HP_DW255A-ABA SR1020N NA510_YC_Pres_QMXK410_E42NAheREG3_4_IGamila Giovani Neon series_SMICRO-STAR INTERNATIONAL CO., LTD_V030_B3.08_T040225_WXH1_L409_M504_J80_7Intel_8Celeron_92.8_1_N10EC8139_P_Z11C1044C_K_A808624C5.MRK
2008-06-16 13:43 . 2004-01-27 07:18 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\WINDOWS
2008-06-16 13:39 . 2004-08-03 23:14 52,736 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys
2008-06-16 13:39 . 2004-08-03 22:58 24,576 --a------ C:\WINDOWS\system32\drivers\kbdclass.sys
2008-06-16 13:37 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-16 13:37 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-16 12:12 . 2008-07-06 16:27 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2008-06-09 19:25 . 2008-06-09 19:25 <DIR> d-------- C:\Program Files\Apple Software Update
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-06 08:53 --------- d-----w C:\Program Files\Twain
2008-07-06 05:58 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-07-06 05:58 --------- d-----w C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-07-06 05:55 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-06 05:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-24 22:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-24 18:56 --------- d-----w C:\Program Files\DivX
2008-06-17 06:46 28,256 ----a-w C:\WINDOWS\system32\drivers\MxlW2k.sys
2008-06-16 23:45 --------- d-----w C:\Program Files\QuickTime
2008-06-16 23:11 --------- d-----w C:\Program Files\Google
2008-06-16 21:40 3,888 ----a-w C:\WINDOWS\viassary-hp.reg
2008-06-16 21:39 --------- d-----w C:\Program Files\Easy Internet signup
2008-06-15 22:48 --------- d-----w C:\Documents and Settings\Owner\Application Data\LimeWire
2008-06-11 16:53 --------- d-----w C:\Program Files\AIM
2008-05-27 16:39 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-05-26 19:29 --------- d-----w C:\Program Files\The KMPlayer
2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-16 18:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-14 01:49 --------- d-----w C:\Program Files\Sun
2008-05-14 01:43 --------- d-----w C:\Program Files\LimeWire
2008-05-14 01:26 --------- d-----w C:\Program Files\iTunes
2008-05-14 01:26 --------- d-----w C:\Program Files\iPod
2008-05-14 01:25 --------- d-----w C:\Program Files\Bonjour
2008-05-14 01:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-14 01:21 --------- d-----w C:\Program Files\Common Files\Apple
2008-05-14 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 07:05 --------- d-----w C:\Program Files\Absolute Poker
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-22 15:23 37,376 ----a-w C:\WINDOWS\mrofinu572.exe
2008-04-22 15:16 37,376 ----a-w C:\WINDOWS\mrofinu572.exe.tmp
2008-04-22 15:16 37,376 ----a-w C:\WINDOWS\mrofinu1000106.exe
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-14 21:43 74,240 ----a-w C:\WINDOWS\b156.exe
2008-04-14 15:08 46,592 ----a-w C:\WINDOWS\b157.exe
2008-04-11 11:48 11,264 ----a-w C:\WINDOWS\b138.exe
2008-04-08 20:33 68,096 ----a-w C:\WINDOWS\b155.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [2006-08-01 15:35 67112]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-06-16 16:11 171448]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04 52736]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2004-08-20 15:51 118784]
"HPHUPD05"="c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-21 04:23 49152]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2003-08-21 04:15 483328]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2003-11-03 17:50 221184]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-06-16 16:45 98304]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2004-08-20 15:55 155648]
"LTMSG"="LTMSG.exe" [2003-07-14 18:52 40960 C:\WINDOWS\ltmsg.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"04yAYIz21U"="C:\Documents and Settings\All Users\Application Data\fmdilwru\xwdgbmrq.exe" [2008-07-05 19:31 61440]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [2003-07-30 05:49:48 57344]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"ComHlp"= {59F18BC1-178F-1E26-FAC0-03821CB3454F} - C:\Program Files\nvtkmz\ComHlp.dll [2008-07-05 19:31 106496]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Compaq Connections\\1940576\\Program\\BackWeb-1940576.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
S2 PlugPlayRPC;Plug and Play (RPC);C:\WINDOWS\portsv.exe service []
.
Contents of the 'Scheduled Tasks' folder
"2008-06-29 03:41:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-16 21:39:57 C:\WINDOWS\Tasks\Easy Internet Sign-up.job"
- C:\Program Files\Easy Internet signup\HPSdpApp.exe
"2008-06-14 03:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job"
- c:\PROGRA~1\NORTON~1\Navw32.exeh/task:
"2004-01-28 08:26:59 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-06-02 09:00:00 C:\WINDOWS\Tasks\wrSpySweeperTrialSweep.job"
- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe&/ScheduleSweep=wrSpySweeperTrialSweep
- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.ex
- A:\
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-bzfuqspe - C:\WINDOWS\system32\bwbgtmvo.exe
HKCU-Run-ieoodjwv - C:\WINDOWS\system32\sfsnsrox.exe
HKLM-Run-SMrhc36oj0eedv - C:\Program Files\rhc36oj0eedv\rhc36oj0eedv.exe
HKLM-Run-{39ed34db-d875-a077-10eb-13fb0d2c27ea} - C:\WINDOWS\system32\xkjmglcpnkhyjwb.dll
HKLM-Run-VTTimer - VTTimer.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 01:45:56
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-07-07 1:54:19 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-07 08:54:06
ComboFix2.txt 2008-04-16 07:13:35
ComboFix3.txt 2008-04-16 03:54:58
ComboFix4.txt 2008-02-27 11:54:47
Pre-Run: 57,983,131,648 bytes free
Post-Run: 58,518,233,088 bytes free
309 --- E O F --- 2008-07-06 23:27:58
here my superantispyware logg
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 07/06/2008 at 01:51 AM
Application Version : 4.15.1000
Core Rules Database Version : 3497
Trace Rules Database Version: 1488
Scan type : Complete Scan
Total Scan Time : 02:48:39
Memory items scanned : 377
Memory threats detected : 9
Registry items scanned : 5137
Registry threats detected : 81
File items scanned : 22093
File threats detected : 295
Adware.webHancer
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WEBHDLL.DLL
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WEBHDLL.DLL
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHIEHLPR.DLL
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHIEHLPR.DLL
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
[webHancer Agent] C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
HKLM\Software\Classes\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0}
HKCR\CLSID\{C900B400-CDFE-11D3-976A-00E02913A9E0}
HKCR\CLSID\{C900B400-CDFE-11D3-976A-00E02913A9E0}
HKCR\CLSID\{C900B400-CDFE-11D3-976A-00E02913A9E0}\InprocServer32
HKCR\CLSID\{C900B400-CDFE-11D3-976A-00E02913A9E0}\InprocServer32#ThreadingModel
HKCR\CLSID\{C900B400-CDFE-11D3-976A-00E02913A9E0}\ProgID
HKCR\CLSID\{C900B400-CDFE-11D3-976A-00E02913A9E0}\Programmable
HKCR\CLSID\{C900B400-CDFE-11D3-976A-00E02913A9E0}\VersionIndependentProgID
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0}
SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001
SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002
SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003
SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004
SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022
HKCR\WhIeHelperObj.WhIeHelperObj
HKCR\WhIeHelperObj.WhIeHelperObj\CurVer
HKCR\WhIeHelperObj.WhIeHelperObj.1
HKCR\WhIeHelperObj.WhIeHelperObj.1\CLSID
HKCR\Interface\{C89435B0-CDFE-11D3-976A-00E02913A9E0}
HKCR\Interface\{C89435B0-CDFE-11D3-976A-00E02913A9E0}\ProxyStubClsid
HKCR\Interface\{C89435B0-CDFE-11D3-976A-00E02913A9E0}\ProxyStubClsid32
HKCR\Interface\{C89435B0-CDFE-11D3-976A-00E02913A9E0}\TypeLib
HKCR\Interface\{C89435B0-CDFE-11D3-976A-00E02913A9E0}\TypeLib#Version
HKCR\TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}
HKCR\TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}\1.0
HKCR\TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}\1.0\0
HKCR\TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}\1.0\0\win32
HKCR\TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}\1.0\FLAGS
HKCR\TypeLib\{C8CB3870-CDFE-11D3-976A-00E02913A9E0}\1.0\HELPDIR
HKLM\Software\WebHancer
HKLM\Software\WebHancer#BaseDir
HKLM\Software\WebHancer\CC
HKLM\Software\WebHancer\CC#DistTag
HKLM\Software\WebHancer\CC#INSTFRM
HKLM\Software\WebHancer\CC#DWLLTM
HKLM\Software\WebHancer\CC#SLNTIND
HKLM\Software\WebHancer\CC#ACCPTPS
HKLM\Software\WebHancer\CC#id
HKLM\Software\WebHancer\ESO
HKLM\Software\WebHancer\ESO#aa
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent#DisplayName
C:\Program Files\WEBHANCER\Programs\license.txt
C:\Program Files\WEBHANCER\Programs\readme.txt
C:\Program Files\WEBHANCER\Programs\sporder.dll
C:\Program Files\WEBHANCER\Programs\whagent.ini
C:\Program Files\WEBHANCER\Programs\whinstaller.exe
C:\Program Files\WEBHANCER\Programs
C:\Program Files\WEBHANCER
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#webHancer Agent [ C:\Program Files\webHancer\Programs\whagent.exe ]
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\SYSWCC32.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CPGJ0DSJ\SYSWCC32.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\A0015882.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\A0015883.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\A0015884.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\SNAPSHOT\MFEX-3.DAT
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\SNAPSHOT\MFEX-4.DAT
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\SNAPSHOT\MFEX-5.DAT
Rogue.Dropper/Gen
C:\WINDOWS\SYSTEM32\LPHC76OJ0EEDV.EXE
C:\WINDOWS\SYSTEM32\LPHC76OJ0EEDV.EXE
[lphc76oj0eedv] C:\WINDOWS\SYSTEM32\LPHC76OJ0EEDV.EXE
NotHarmful.Sysinternals Bluescreen Screen Saver
C:\WINDOWS\SYSTEM32\BLPHC76OJ0EEDV.SCR
C:\WINDOWS\SYSTEM32\BLPHC76OJ0EEDV.SCR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\A0015927.SCR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\A0015948.SCR
Rogue.AntiVirus XP 2008
C:\PROGRAM FILES\RHC36OJ0EEDV\RHC36OJ0EEDV.EXE
C:\PROGRAM FILES\RHC36OJ0EEDV\RHC36OJ0EEDV.EXE
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\License Agreement.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Uninstall.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Desktop\Antivirus XP 2008.lnk
Adware.AdRotate/System
C:\WINDOWS\SYSTEM32\XKJMGLCPNKHYJWB.DLL
C:\WINDOWS\SYSTEM32\XKJMGLCPNKHYJWB.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259e5650-e4a2-7ad6-b974-4410cbfbc525}
HKCR\CLSID\{259E5650-E4A2-7AD6-B974-4410CBFBC525}
HKCR\CLSID\{259E5650-E4A2-7AD6-B974-4410CBFBC525}
HKCR\CLSID\{259E5650-E4A2-7AD6-B974-4410CBFBC525}\InProcServer32
HKCR\CLSID\{259E5650-E4A2-7AD6-B974-4410CBFBC525}\InProcServer32#ThreadingModel
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\HIJACKTHIS\BACKUPS\BACKUP-20080417-042241-309.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\A0015881.DLL
Rogue.MalwareProtector/Variant
C:\WINDOWS\SYSTEM32\PPHC76OJ0EEDV.EXE
C:\WINDOWS\SYSTEM32\PPHC76OJ0EEDV.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\A0015926.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP84\A0015949.EXE
Trojan.Dropper/Gen-PortSv
C:\WINDOWS\PORTSV.EXE
C:\WINDOWS\PORTSV.EXE
Trojan.AnyCracks/Gen
[Microsoft Windows Installer] C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MICROSOFT\DTSC\21798.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MICROSOFT\DTSC\21798.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CV03EJA5\TD_MAINTOR.EXE
Trojan.Unknown Origin
[BackupWallpaper] C:\WINDOWS\SYSTEM32\PHC76OJ0EEDV.BMP
C:\WINDOWS\SYSTEM32\PHC76OJ0EEDV.BMP
C:\PROGRAM FILES\COMMON FILES\QRWF\QRWFA.EXE
C:\PROGRAM FILES\COMMON FILES\QRWF\QRWFL.EXE
C:\PROGRAM FILES\COMMON FILES\QRWF\QRWFM.EXE
Rogue.LiveSecurityCenter-Trace
[Wallpaper] C:\WINDOWS\DEFAULT.HTM
C:\WINDOWS\DEFAULT.HTM
Parasite.CoolWebSearch Variant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00110011-4b0b-44d5-9718-90c88817369b}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{587dbf2d-9145-4c9e-92c2-1f953da73773}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98dbbf16-ca43-4c33-be80-99e6694468a4}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3eebbe8-9cab-4c76-b26a-747e25ebb4c6}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fd9bc004-8331-4457-b830-4759ff704c22}
HTMLCore Module BHO
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{086ae192-23a6-48d6-96ec-715f53797e85}
CoolWebSearch Parasite Variant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}
Adware.CoolWebSearch
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5321e378-ffad-4999-8c62-03ca8155f0b3}
Browser Hijacker.Tubby
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765721306}
ClientMan BHO
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fcaddc14-bd46-408a-9842-cdbe1c6d37eb}
Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@windowsmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@cgm.adbureau.txt
C:\Documents and Settings\Owner\Cookies\owner@rotator.its.adjuggler.txt
C:\Documents and Settings\Owner\Cookies\owner@advertising.txt
C:\Documents and Settings\Owner\Cookies\owner@ad1.clickhype.txt
C:\Documents and Settings\Owner\Cookies\owner@1072522647.txt
C:\Documents and Settings\Owner\Cookies\owner@cgi-bin.txt
C:\Documents and Settings\Owner\Cookies\owner@247realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@adecn.txt
C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver.txt
C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.adbrite.txt
C:\Documents and Settings\Owner\Cookies\owner@questionmarket.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.gamesbannernet.txt
C:\Documents and Settings\Owner\Cookies\owner@tremor.adbureau.txt
C:\Documents and Settings\Owner\Cookies\owner@media6degrees.txt
C:\Documents and Settings\Owner\Cookies\owner@realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@sales.liveperson.txt
C:\Documents and Settings\Owner\Cookies\owner@tacoda.txt
C:\Documents and Settings\Owner\Cookies\owner@adserver.txt
C:\Documents and Settings\Owner\Cookies\owner@crackle.txt
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion.txt
C:\Documents and Settings\Owner\Cookies\owner@statcounter.txt
C:\Documents and Settings\Owner\Cookies\owner@2o7.txt
C:\Documents and Settings\Owner\Cookies\owner@specificclick.txt
C:\Documents and Settings\Owner\Cookies\owner@zedo.txt
C:\Documents and Settings\Owner\Cookies\owner@eas.apm.emediate.txt
C:\Documents and Settings\Owner\Cookies\owner@apmebf.txt
C:\Documents and Settings\Owner\Cookies\owner@fastclick.txt
C:\Documents and Settings\Owner\Cookies\owner@blockbuster.112.2o7.txt
C:\Documents and Settings\Owner\Cookies\owner@ehg-groupernetworks.hitbox.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix.txt
C:\Documents and Settings\Owner\Cookies\owner@interclick.txt
C:\Documents and Settings\Owner\Cookies\owner@at.atwola.txt
C:\Documents and Settings\Owner\Cookies\owner@revsci.txt
C:\Documents and Settings\Owner\Cookies\owner@atdmt.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.bridgetrack.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.realtechnetwork.txt
C:\Documents and Settings\Owner\Cookies\owner@rotator.adjuggler.txt
C:\Documents and Settings\Owner\Cookies\owner@insightexpressai.txt
C:\Documents and Settings\Owner\Cookies\owner@html.txt
C:\Documents and Settings\Owner\Cookies\owner@nextag.txt
C:\Documents and Settings\Owner\Cookies\owner@adbrite.txt
C:\Documents and Settings\Owner\Cookies\owner@1071457141.txt
C:\Documents and Settings\Owner\Cookies\owner@ads-dev.youporn.txt
C:\Documents and Settings\Owner\Cookies\owner@network.realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@adopt.specificclick.txt
C:\Documents and Settings\Owner\Cookies\owner@nebuad.adjuggler.txt
C:\Documents and Settings\Owner\Cookies\owner@hitbox.txt
C:\Documents and Settings\Owner\Cookies\owner@adopt.euroclick.txt
C:\Documents and Settings\Owner\Cookies\owner@glb.adtechus.txt
C:\Documents and Settings\Owner\Cookies\owner@adrevolver.txt
C:\Documents and Settings\Owner\Cookies\owner@trafficmp.txt
C:\Documents and Settings\Owner\Cookies\owner@ad.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll.txt
C:\Documents and Settings\Owner\Cookies\owner@mediaplex.txt
C:\Documents and Settings\Owner\Cookies\owner@www.burstnet.txt
C:\Documents and Settings\Owner\Cookies\owner@casalemedia.txt
C:\Documents and Settings\Owner\Cookies\owner@atwola.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.widgetbucks.txt
C:\Documents and Settings\Owner\Cookies\owner@youporn.txt
C:\Documents and Settings\Owner\Cookies\owner@overture.txt
C:\Documents and Settings\Owner\Cookies\owner@76226072.txt
C:\Documents and Settings\Owner\Cookies\owner@doubleclick.txt
C:\Documents and Settings\Owner\Cookies\owner@myroitracking.txt
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager.txt
C:\Documents and Settings\Owner\Cookies\owner@anad.tacoda.txt
C:\Documents and Settings\Owner\Cookies\owner@perf.overture.txt
C:\Documents and Settings\Owner\Cookies\owner@serving-sys.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.clicksor.txt
C:\Documents and Settings\LocalService\Cookies\system@atdmt.txt
C:\Documents and Settings\LocalService\Cookies\system@zedo.txt
C:\Documents and Settings\LocalService\Cookies\system@indextools.txt
C:\Documents and Settings\LocalService\Cookies\system@advertising.txt
C:\Documents and Settings\LocalService\Cookies\system@6144.nosubid.clickshield.txt
C:\Documents and Settings\LocalService\Cookies\system@ads.revsci.txt
C:\Documents and Settings\LocalService\Cookies\system@doubleclick.txt
.indextools.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.indextools.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.indextools.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
cache.trafficmp.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
cache.trafficmp.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.network.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ads.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
adopt.euroclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.clicksor.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.clicksor.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adfarm1.adition.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.videoegg.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.jcrew.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ads-dev.youporn.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.pro-market.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.cbs.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
stats.gamestop.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
stats.gamestop.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.precisionclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.precisionclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.burstbeacon.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
code.mediatext.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.bs.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
tremor.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tremor.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.upclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.upclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.atwola.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.eyewonder.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.eyewonder.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.stat.youku.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.lstat.youku.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.lstat.youku.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.mediafileshost.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
nebuad.adjuggler.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
nebuad.adjuggler.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adecn.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adecn.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
ad1.clickhype.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.yadro.ru [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.onclickvideos.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.onclickvideos.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.ads102.clicksor.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.myroitracking.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adserver.easyad.info [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.warezgarden.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.reunion.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.reunion.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.richmedia.yahoo.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.nba.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adlegend.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.media.brandreachsys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.media.brandreachsys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezforum.info [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.warezforum.info [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.electronicarts.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.mmstat.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.mmstat.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.adfi.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.viamtvcom.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.prospect.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.prospect.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.safeway.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.usatoday1.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tracking.foxnews.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.tracking.foxnews.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.leeenterprises.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.partner2profit.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.partner2profit.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.partner2profit.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.partner2profit.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.partner2profit.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.revenue.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
.educationmanagementllc.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\24m47qv4.default\cookies.txt ]
C:\Documents and Settings\Owner\Cookies\owner@atdmt.txt
C:\Documents and Settings\Owner\Cookies\owner@casalemedia.txt
C:\Documents and Settings\Owner\Cookies\owner@statse.webtrendslive.txt
C:\Documents and Settings\Owner\Cookies\owner@questionmarket.txt
C:\Documents and Settings\Owner\Cookies\owner@nba.112.2o7.txt
C:\Documents and Settings\Owner\Cookies\owner@tremor.adbureau.txt
C:\Documents and Settings\Owner\Cookies\owner@ehg-foxsports.hitbox.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.tnt.txt
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager.txt
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager.txt
C:\Documents and Settings\Owner\Cookies\owner@travidia.112.2o7.txt
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion.txt
C:\Documents and Settings\Owner\Cookies\owner@overture.txt
C:\Documents and Settings\Owner\Cookies\owner@2o7.txt
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager.txt
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager.txt
C:\Documents and Settings\Owner\Cookies\owner@network.realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@serving-sys.txt
C:\Documents and Settings\Owner\Cookies\owner@anad.tacoda.txt
C:\Documents and Settings\Owner\Cookies\owner@realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@anat.tacoda.txt
C:\Documents and Settings\Owner\Cookies\owner@fastclick.txt
C:\Documents and Settings\Owner\Cookies\owner@yieldmanager.txt
C:\Documents and Settings\Owner\Cookies\owner@us.adserver.yahoo.txt
C:\Documents and Settings\Owner\Cookies\owner@media6degrees.txt
C:\Documents and Settings\Owner\Cookies\owner@serving-sys.txt
C:\Documents and Settings\Owner\Cookies\owner@realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@metacafe.122.2o7.txt
C:\Documents and Settings\Owner\Cookies\owner@youporn.txt
C:\Documents and Settings\Owner\Cookies\owner@stat.onestat.txt
C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon.txt
C:\Documents and Settings\Owner\Cookies\owner@linksynergy.txt
C:\Documents and Settings\Owner\Cookies\owner@hitbox.txt
C:\Documents and Settings\Owner\Cookies\owner@insightexpressai.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix.txt
C:\Documents and Settings\Owner\Cookies\owner@mediaplex.txt
C:\Documents and Settings\Owner\Cookies\owner@bluestreak.txt
C:\Documents and Settings\Owner\Cookies\owner@doubleclick.txt
C:\Documents and Settings\Owner\Cookies\owner@viamtvcom.112.2o7.txt
C:\Documents and Settings\Owner\Cookies\owner@ehg-myspaceinc.hitbox.txt
C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices.txt
C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices.txt
C:\Documents and Settings\Owner\Cookies\owner@d3.zedo.txt
C:\Documents and Settings\Owner\Cookies\owner@rotator.its.adjuggler.txt
C:\Documents and Settings\Owner\Cookies\owner@rotator.its.adjuggler.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll.txt
C:\Documents and Settings\Owner\Cookies\owner@rm.yieldmanager.txt
C:\Documents and Settings\Owner\Cookies\owner@interclick.txt
C:\Documents and Settings\Owner\Cookies\owner@cdn.atwola.txt
C:\Documents and Settings\Owner\Cookies\owner@adlegend.txt
C:\Documents and Settings\Owner\Cookies\owner@superstats.txt
C:\Documents and Settings\Owner\Cookies\owner@eyewonder.txt
C:\Documents and Settings\Owner\Cookies\owner@eb.adbureau.txt
C:\Documents and Settings\Owner\Cookies\owner@adfi.adbureau.txt
C:\Documents and Settings\Owner\Cookies\owner@imrworldwide.txt
C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver.txt
C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver.txt
C:\Documents and Settings\Owner\Cookies\owner@collective-media.txt
C:\Documents and Settings\Owner\Cookies\owner@www.myfirstsexteacher.txt
C:\Documents and Settings\Owner\Cookies\owner@ehg-veohnetworksinc.hitbox.txt
C:\Documents and Settings\Owner\Cookies\owner@adfarm1.adition.txt
C:\Documents and Settings\Owner\Cookies\owner@ehg-dig.hitbox.txt
C:\Documents and Settings\Owner\Cookies\owner@specificclick.txt
C:\Documents and Settings\Owner\Cookies\owner@adrevolver.txt
C:\Documents and Settings\Owner\Cookies\owner@tacoda.txt
C:\Documents and Settings\Owner\Cookies\owner@adbrite.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.revsci.txt
C:\Documents and Settings\Owner\Cookies\owner@revsci.txt
C:\Documents and Settings\Owner\Cookies\owner@viamtvnvideo.112.2o7.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.cheapflights.txt
C:\Documents and Settings\Owner\Cookies\owner@www.burstnet.txt
C:\Documents and Settings\Owner\Cookies\owner@adopt.euroclick.txt
C:\Documents and Settings\Owner\Cookies\owner@ar.atwola.txt
C:\Documents and Settings\Owner\Cookies\owner@richmedia.yahoo.txt
C:\Documents and Settings\Owner\Cookies\owner@ads-dev.youporn.txt
C:\Documents and Settings\Owner\Cookies\owner@precisionclick.txt
C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys.txt
C:\Documents and Settings\Owner\Cookies\owner@burstnet.txt
C:\Documents and Settings\Owner\Cookies\owner@zedo.txt
C:\Documents and Settings\Owner\Cookies\owner@zedo.txt
C:\Documents and Settings\Owner\Cookies\owner@advertising.txt
C:\Documents and Settings\Owner\Cookies\owner@tradedoubler.txt
C:\Documents and Settings\Owner\Cookies\owner@247realmedia.txt
C:\Documents and Settings\Owner\Cookies\owner@prospect.adbureau.txt
C:\Documents and Settings\Owner\Cookies\owner@adultfriendfinder.txt
C:\Documents and Settings\Owner\Cookies\owner@trafficmp.txt
C:\Documents and Settings\Owner\Cookies\owner@trafficmp.txt
C:\Documents and Settings\Owner\Cookies\owner@dynamic.media.adrevolver.txt
C:\Documents and Settings\Owner\Cookies\owner@adopt.specificclick.txt
C:\Documents and Settings\Owner\Cookies\owner@trafficmp.txt
C:\Documents and Settings\Owner\Cookies\owner@AdDisplayTrackerServlet.txt
C:\Documents and Settings\Owner\Cookies\owner@atwola.txt
C:\Documents and Settings\Owner\Cookies\owner@rotator.adjuggler.txt
C:\Documents and Settings\Owner\Cookies\owner@apmebf.txt
C:\Documents and Settings\Owner\Cookies\owner@revenue.txt
C:\Documents and Settings\Owner\Cookies\owner@pro-market.txt
C:\Documents and Settings\Owner\Cookies\owner@ads.bridgetrack.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@casalemedia.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@questionmarket.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ad.yieldmanager.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@tribalfusion.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@realmedia.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@2o7.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@anad.tacoda.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@fastclick.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@atdmt.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@media6degrees.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@imeem.112.2o7.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@insightexpressai.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@mediaplex.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@doubleclick.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads.pointroll.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@windowsmedia.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@mediaservices.myspace.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@interclick.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adlegend.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adopt.specificclick.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@specificclick.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@revsci.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@glb.adtechus.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adopt.euroclick.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@zedo.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@advertising.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@trafficmp.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adserver.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@apmebf.txt
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@atwola.txt
Trojan.NetMon/DNSChange
C:\Program Files\Network Monitor\netmon.exe
C:\Program Files\Network Monitor
Adware.ClickSpring/Outer Info Network
C:\Program Files\Outerinfo\FF\chrome.manifest
C:\Program Files\Outerinfo\FF\components\FF.dll
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\Outerinfo\FF\components
C:\Program Files\Outerinfo\FF\install.rdf
C:\Program Files\Outerinfo\FF
C:\Program Files\Outerinfo\Terms.rtf
C:\Program Files\Outerinfo
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo
Trojan.DNSChanger-Codec
HKU\S-1-5-21-3710928948-3635490524-2248870109-1003\Software\uninstall
Adware.WinTouch/XInside
C:\Program Files\InetGet2
Adware.JavaCore/NoDNS
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\JavaCore\UnInstall.exe
C:\Program Files\JavaCore
Trojan.Unclassified/NVCOI
C:\Program Files\CPV\CPV8.dll
C:\Program Files\CPV
C:\Program Files\Temporary
Rogue.AntiSpywareMaster
C:\Program Files\AntiSpywareMaster\asm.exe
C:\Program Files\AntiSpywareMaster
C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpywareMaster\AntiSpywareMaster.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpywareMaster\Uninstall AntiSpywareMaster.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpywareMaster
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpywareMaster.lnk
C:\DECKARD\SYSTEM SCANNER\BACKUP\DOCUME~1\OWNER\LOCALS~1\TEMP\WINVSNET.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D1BD6C0F-8411-4455-8163-CEF0F28EC0B2}\RP74\A0007785.LNK
Rogue.PC-Cleaner
HKU\S-1-5-21-3710928948-3635490524-2248870109-1003\Software\mwc
Adware.SpeedRunner
C:\Documents and Settings\Owner\Application Data\SpeedRunner\config.cfg
C:\Documents and Settings\Owner\Application Data\SpeedRunner\SpeedRunner.exe
C:\Documents and Settings\Owner\Application Data\SpeedRunner\SRUninstall.exe
C:\Documents and Settings\Owner\Application Data\SpeedRunner
Trojan.Unclassified/WinSelf
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4#Type
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4#Start
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4#ObjectName
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4#Description
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4\Security
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4\Security#Security
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4\Enum
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\MsSecurity1.209.4\Enum#NextInstance
Trojan.Dropper/Gen-Packed
C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MICROSOFT\WINDOWS\WWSTUD.EXE
Trojan.Downloader-Gen/Suspicious
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\4BTI.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CPGJ0DSJ\4BTI.EXE
Adware.ClickSpring/Yazzle
C:\PROGRAM FILES\COMMON FILES\YAZZLE1281OINUNINSTALLER.EXE
C:\PROGRAM FILES\COMMON FILES\YAZZLE1281OINADMIN.EXE
Trojan.Downloader-CommandDesktop
C:\DECKARD\SYSTEM SCANNER\BACKUP\DOCUME~1\OWNER\LOCALS~1\TEMP\CMDINST.EXE
Adware.TargetSavers
C:\DECKARD\SYSTEM SCANNER\BACKUP\DOCUME~1\OWNER\LOCALS~1\TEMP\TSINSTALL_4_0_4_0_B4.EXE
C:\DECKARD\SYSTEM SCANNER\BACKUP\DOCUME~1\OWNER\LOCALS~1\TEMP\TSUPDATE_4_0_4_1_B3.EXE
Adware.Yazzle-Installer
C:\DECKARD\SYSTEM SCANNER\BACKUP\DOCUME~1\OWNER\LOCALS~1\TEMP\YAZZSNET.EXE
Unclassified.Unknown Origin/System
C:\PROGRAM FILES\COMMON FILES\QRWF\QRWFD\QRWFC.DLL
Trojan.Downloader-Gen
C:\PROGRAM FILES\COMMON FILES\QRWF\QRWFP.EXE
Trojan.Unclassified/TWAIN-Fake
C:\PROGRAM FILES\TWAIN\TWAIN.EXE | | Back to Top | | |
|
efekt101
New Member
Date Joined Feb 2008
Total Posts : 36
| Posted 7-7-2008 11:20 (GMT +2) | | | umm i downloaded this game off a torrent with azerus and i think its the virus cause my girlfriend deleted the game and than when i went to reinstall it started to happen agian and this antivirus xp 2008 popped up as a program and scanning my comp and my background of my desktop is all messed up and says i got spyware so imam rerun combo fix and scan my computer with superantispyware and ill post up new hijacklog and new combo fix and new superantispyware logg and this happen right after i just posted that new combo fix and superantispyware logg | | Back to Top | | |
|
efekt101
New Member
Date Joined Feb 2008
Total Posts : 36
| Posted 7-7-2008 11:21 (GMT +2) | | | i scanned the file with the superantispyware and it said it was clean should i delete it? | | Back to Top | | |
|
Touch
Forum Moderator
Date Joined Jun 2004
Total Posts : 13069
| Posted 7-7-2008 12:39 (GMT +2) | | Not now 
Run this scan tool -
Please download Malwarebytes' Anti-Malware:
to your desktop.
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch
Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location.
Copy and Paste that log into your next reply, along with new combofix log.
Do NOT post your problem in someone elses thread.
| | Back to Top | | |
| |
