Generic host process for win32 services has encountered a problem and needs to close.

G'day there.

I have a problem regarding a strange error I just recently started getting.

It occurs when I've been using the net for around 1/2 hour or so, when suddenly a message pops up saying "Generic host process for win32 services has encountered a problem and needs to close. We are sorry for the inconvenience. "

If I click "don't send," the internet stops working until I restart. If I don't click it and just move the window out of the way, I can use the net for a while longer but eventually the net will die.


Here is a logfile from hijack this, both before and after the error occurs.

Before error:

Logfile of HijackThis v1.99.1
Scan saved at 8:28:05 PM, on 14/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\hdsp32.exe
C:\WINDOWS\system32\hdspmix.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\taskmgr.exe
I:\Downloads\HijackThis.exe

O1 - Hosts: 216.80.7.52 tracker.kaizoku-fansubs.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HDSPTray1] hdsp32.exe
O4 - HKLM\..\Run: [HDSPTray2] hdspmix.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: csrss.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{94CAB8A5-355A-4413-94C5-A7C732406315}: NameServer = 192.231.203.132 192.231.203.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

After error:

Logfile of HijackThis v1.99.1
Scan saved at 9:39:04 PM, on 14/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\hdsp32.exe
C:\WINDOWS\system32\hdspmix.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
I:\Downloads\HijackThis.exe

O1 - Hosts: 216.80.7.52 tracker.kaizoku-fansubs.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HDSPTray1] hdsp32.exe
O4 - HKLM\..\Run: [HDSPTray2] hdspmix.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: csrss.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{94CAB8A5-355A-4413-94C5-A7C732406315}: NameServer = 192.231.203.132 192.231.203.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe



Any ideas anyone?

 

Hello Alex W and welcome,

You have malware on your system.

O3 - Toolbar: (no name) - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - (no file)

SecurityToolbar is the name of the malware.

Security Toolbar.dll the file name in windows.

The description: Malware, hailing from the folks responsible for the notorious Spy Trooper/World AntiiSpy/PS Guard foistware alias FAKEALE-C TROJAN

I'm moving this thread to the malware removal section.

One of the security experts will look at this.

Regards - Charles

 

Charles, thanks very much.

 

Ok, since Charles pointed out that "security toolbar.dll" was a piece of malware, I did some googling and wound up at this site:



I followed all the instructions there for removal but I still can't seem to shake the problem.

Any further help on this matter would be greatly appreciated.

 

Hi Alex W
Welcome to windowsbbs.

I was hoping TeMerc would show up here first
I am just a student.

You may want to print this out to follow the instructions.


Please Download MsnVirRem.exe to your desktop from one of the following mirrors.

• • Mirror 1
  • Mirror 2
  • Mirror 3
• First close any other programs you have running as this will require a reboot
• Double click MsnVirRem.exe to run it
• Once open, click the button labelled "Search and Destroy "
  <<Your computer will now be scanned for Infected Files>>
• When scanning is finished you will be prompted to reboot only if infected, Click OK
• Now click the "REBOOT" Button.
• After the Reboot, you WILL receive file not found errors (usually 4) please acknowledge them and continue.
• A Message should popup from MsnVirRem if not, double click the program again and it will finish

Please Post the contents of C:\msnvirrem.log in your next reply.

Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter "; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool "; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

Please post logs from the scans and a new HJT log into this thread.

O1 - Hosts: 216.80.7.52 tracker.kaizoku-fansubs.com <<Did you add this to your Host file?

Geri

 

Hello fraser2006
Welcome to windowsbbs

Though the symptoms may be similar the fix could be different for each machine.
I have had your post moved to it's own thread, things can get confusing trying to work on two logs in the same thread.
Someone will help you out.
Geri

PS. Do not run any other options from the SmitFraudFix unless told to do so.

 

contents of msnvirrem.log

MsnVirRem Log by Skate_Punk_21

Fix running from: I:\Downloads
16/08/2006
8:48:46 AM

---Infection Files Found---
C:\Documents and Settings\Alex1\Start Menu\Programs\Startup\csrss.lnk

Rebooting...
Fixing Registry Permissions...
Editing Registry...
Fixing Host File...
**Fix Complete!**

contents of rapport.txt

SmitFraudFix v2.81

Scan done at 11:26:16.32, Wed 16/08/2006
Run from C:\Documents and Settings\Alex1\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Alex1\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ALEX1\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

contents of latest hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 11:29:32 AM, on 16/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\hdsp32.exe
C:\WINDOWS\system32\hdspmix.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
I:\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/firefox
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HDSPTray1] hdsp32.exe
O4 - HKLM\..\Run: [HDSPTray2] hdspmix.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{94CAB8A5-355A-4413-94C5-A7C732406315}: NameServer = 192.231.203.132 192.231.203.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


The problem is still occuring

 

oh and yes I did add the line "216.80.7.52 tracker.kaizoku-fansubs.com" to my hosts.

 

Hi Alex W
You can delete the two programs that you downloaded. (MsnVirRem.exe and SmitfraudFix)

Please look in your add/remove programs for SecurityToolbar if it is there please delete it.

Please download ewido anti-spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program

1. Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
2. Once the setup is complete you will need run ewido and update the definition files.
3. On the main screen select the icon "Update" then select the "Update now" link.
   • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
4. Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
5. Once in the Settings screen click on "Recommended actions" and then select "Quarantine ".
6. Under "Reports "
   • Select "Automatically generate report after every scan "
   • Un-Select "Only if threats were found "

Close ewido anti-spyware, Do Not run a scan just yet, we will shortly.

1. Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
   IMPORTANT: Do not open any other windows or programs while ewido is scanning, it may interfere with the scanning proccess:
2. Lauch ewido-anti-spyware by double-clicking the icon on your desktop.
3. Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan ".
4. ewido will now begin the scanning process, be patient this may take a little time.
   Once the scan is complete do the following:
5. If you have any infections you will prompted, then select "Apply all actions "
6. Next select the "Reports" icon at the top.
7. Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
8. Close ewido and reboot your system back into Normal Mode and post the results of the ewido report scan.

Download and install CleanUp!

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options... "
Move the arrow down to "Custom CleanUp! "
Put a check next to the following (Make sure nothing else is checked!):

• Empty Recycle Bins
• Delete Cookies
• Delete Prefetch files
• Cleanup! All Users

Click OK
Press the CleanUp! button to start the program.

It may ask you to reboot at the end, click Yes.

Can I ask if you have a printer and/or scanner hooked up?
If so can you tell me the brand name and how old they are.

Please post the ewido report into a reply here.

Geri

 

Hi Alex W

Please Create a Startup List with HJT.

* Open HiJackThis
* Click on the "Config..." button on the bottom right, or click on the "open Misc tool section "
* Click on the tab "Misc Tools "
* Check off the 2 boxes next to the Box that says "Generate StartupList log "
* Click on the button "Generate StartupList log "
* Copy and past the StartupList from the notepad into your next post

Geri

 

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:11:47 PM 16/08/2006

+ Scan result:



:mozilla.268:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.759:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.760:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.761:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.9:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.12:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.12:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.13:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.13:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.14:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.14:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.15:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.15:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.16:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.16:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.17:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.17:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.18:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.18:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.197:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.198:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.199:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.19:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.19:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.200:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.201:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.202:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.203:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.204:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.205:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.206:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.207:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.208:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.209:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.210:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.211:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.212:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.213:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.214:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.215:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.216:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.217:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.218:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.219:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.220:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.221:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.222:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.223:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.224:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.225:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.226:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.227:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.228:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.229:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.230:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.232:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.233:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.234:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.235:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.236:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.27:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.27:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.28:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.32:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.33:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.434:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.545:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.594:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.625:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.743:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.7:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.8:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.8:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.943:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.959:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.981:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.9:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Cookies\alex1@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Cookies\alex1@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Cookies\alex1@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Local Settings\Temp\Cookies\alex1@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Local Settings\Temp\Cookies\alex1@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.52:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Ad-flow : Cleaned with backup (quarantined).

 

:mozilla.182:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.183:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.184:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.185:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.674:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.282:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).
:mozilla.283:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adocean : Cleaned with backup (quarantined).
:mozilla.646:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.647:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.648:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.649:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.45:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.46:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.532:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.533:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.534:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.535:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.536:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.537:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.538:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.649:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.650:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.651:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.652:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.653:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.654:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.655:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.656:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.292:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.293:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.325:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.103:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.10:E:\AL Backup\Application Data\Mozilla\Profiles\default\gfi80esi.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.262:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.40:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Local Settings\Temp\Cookies\alex1@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.709:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
:mozilla.816:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex\Cookies\alex1@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex\Cookies\alex@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@www.burstbeacon[3].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
:mozilla.111:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.142:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex\Cookies\alex@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.114:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.115:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.116:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.117:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.118:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.119:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.120:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.143:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.144:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.146:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.343:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.500:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.625:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex\Cookies\alex1@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@cz6.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@cz9.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.134:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.135:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.317:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.318:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.7:E:\AL Backup\Application Data\Mozilla\Profiles\default\gfi80esi.slt\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.8:E:\AL Backup\Application Data\Mozilla\Profiles\default\gfi80esi.slt\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex\Cookies\alex1@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.617:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.67:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Cookies\alex1@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.160:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.353:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.354:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.449:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.585:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Cookies\alex1@e-2dj6wgkiumczwbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Cookies\alex1@e-2dj6wjl4gmd5eap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.182:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).

 

:mozilla.183:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
:mozilla.184:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
:mozilla.374:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.375:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.376:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.377:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.183:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.40:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.556:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.68:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.77:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.78:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.79:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.80:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.81:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.82:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.83:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.193:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned with backup (quarantined).
:mozilla.376:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Findwhat : Cleaned with backup (quarantined).
:mozilla.737:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.260:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.261:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.363:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.704:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.705:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.706:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.757:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.758:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.763:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.822:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.891:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.906:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.96:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.973:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.97:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.98:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.228:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup (quarantined).
:mozilla.57:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex\Cookies\alex1@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned with backup (quarantined).
:mozilla.266:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
:mozilla.678:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.679:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.680:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.770:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.771:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.772:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.127:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.128:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.21:E:\AL Backup\Application Data\Mozilla\Profiles\default\gfi80esi.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.48:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Local Settings\Temp\Cookies\alex1@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
:mozilla.684:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.685:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.686:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.776:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.777:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.778:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.779:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.780:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.173:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.174:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.175:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.372:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.373:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.533:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.534:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.377:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
:mozilla.538:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
:mozilla.50:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.51:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.52:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.54:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.56:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@ads.pointroll[3].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.110:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.274:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.277:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.388:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.389:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Local Settings\Temp\Cookies\alex1@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.390:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.546:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex\Cookies\alex1@www.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@www.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).
:mozilla.400:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.553:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.13:E:\AL Backup\Application Data\Mozilla\Profiles\default\gfi80esi.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.176:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.177:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.363:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.364:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.365:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.104:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.105:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.106:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.107:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).

 

:mozilla.416:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.417:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.418:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.419:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.88:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.89:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.90:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.91:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Cookies\alex1@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
E:\AL Backup\Local Settings\Temp\Cookies\alex1@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
E:\misc\Alex1\Cookies\alex1@serving-sys[3].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Cookies\alex1@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Local Settings\Temp\Cookies\alex1@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.8:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.9:C:\Documents and Settings\Alex\Application Data\Mozilla\Profiles\default\j040gpyv.slt\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.435:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.143:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup (quarantined).
:mozilla.436:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup (quarantined).
:mozilla.94:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup (quarantined).
:mozilla.439:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.440:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.441:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.442:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.443:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.444:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.445:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.446:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.447:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.448:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.528:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.573:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.574:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.575:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.576:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.577:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.578:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.579:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.580:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.581:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.582:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.583:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.584:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Local Settings\Temp\Cookies\alex1@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.258:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.259:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.473:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.608:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.475:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.561:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.611:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.669:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.476:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
:mozilla.612:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
:mozilla.477:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.478:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.62:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.378:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.379:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.380:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.85:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.86:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.87:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.88:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.89:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.90:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.498:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.622:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.697:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex\Cookies\alex1@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.629:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
:mozilla.529:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
:mozilla.93:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
:mozilla.131:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.132:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.134:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.135:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.136:C:\Documents and Settings\Alex1\Application Data\Mozilla\Firefox\Profiles\uwl7f72z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.670:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.671:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.672:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.673:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.674:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex1\Local Settings\Temp\Cookies\alex1@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.170:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\f07bk2gh.Alex\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.539:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.540:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.541:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\xefelctr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Program Files\Registry Mechanic\RegMech.exe -> Trojan.Agent.sk : Cleaned with backup (quarantined).
I:\Downloads\RegMech.exe -> Trojan.Agent.sk : Cleaned with backup (quarantined).


::Report end

 

woah! seems like ewido cleaned out a lot of junk

Sadly the problem is still occuring though, I'm just about to perform the clean up program now, and after that will post the hijackthis startup log.

I don't have any scanners or printers.

 

StartupList report, 16/08/2006, 5:56:50 PM
StartupList version: 1.52.2
Started from : I:\Downloads\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\hdsp32.exe
C:\WINDOWS\system32\hdspmix.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
I:\Downloads\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Alex1\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

SoundMan = SOUNDMAN.EXE
NVRaidService = C:\WINDOWS\System32\nvraidservice.exe
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
HDSPTray1 = hdsp32.exe
HDSPTray2 = hdspmix.exe
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe "
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
SW20 = C:\WINDOWS\system32\sw20.exe
SW24 = C:\WINDOWS\system32\sw24.exe
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
DAEMON Tools = "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
RegistryMechanic =
avgnt = "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
!ewido = "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Steam =
MessengerPlus3 = "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

[ApprovedByRegRun2]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{4b218e3e-bc98-4770-93d3-2731b9329278}] *
StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

 

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}

--------------------------------------------------

Enumerating Task Scheduler jobs:

*No jobs found*

--------------------------------------------------

Enumerating Download Program Files:

[{00000055-9980-0010-8000-00AA00389B71}]
CODEBASE = http://codecs.microsoft.com/codecs/i386/fhg.CAB

[{00000161-0000-0010-8000-00AA00389B71}]
CODEBASE = http://codecs.microsoft.com/codecs/i386/msaudio.cab

[Checkers Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

[{33564D57-0000-0010-8000-00AA00389B71}]
CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

[Java Plug-in]
InProcServer32 = blank
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

[ActiveScan Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
CODEBASE = http://www.pandasoftware.com/activescan/as5/asinst.cab

[Java Plug-in]
InProcServer32 = blank
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab

[Java Plug-in]
InProcServer32 = blank
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[Java Plug-in 1.5.0_06]
InProcServer32 = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (system)
Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)
Alerter: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
AntiVir PersonalEdition Classic Scheduler: C:\Program Files\AntiVir PersonalEdition Classic\sched.exe (autostart)
AntiVir PersonalEdition Classic Guard: C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe (autostart)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394 ARP Client Protocol: System32\DRIVERS\arp1394.sys (manual start)
Aspi32: System32\drivers\aspi32.sys (system)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)
RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
Standard IDE/ESDI Hard Disk Controller: System32\DRIVERS\atapi.sys (system)
ATM ARP Client Protocol: System32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
avgio: \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys (system)
avgntflt: \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys (manual start)
Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
CD-ROM Driver: System32\DRIVERS\cdrom.sys (system)
ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
cpuz: \??\C:\DOCUME~1\Alex1\LOCALS~1\Temp\Rar$EX19.875\cpuz.sys (manual start)
Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Disk Driver: System32\DRIVERS\disk.sys (system)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
dtscsi: \SystemRoot\System32\Drivers\dtscsi.sys (manual start)
ENTECH: \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Event Log: %SystemRoot%\system32\services.exe (autostart)
ewido anti-spyware 4.0 driver: \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys (system)
ewido anti-spyware 4.0 guard: C:\Program Files\ewido anti-spyware 4.0\guard.exe (autostart)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Floppy Disk Controller Driver: System32\DRIVERS\fdc.sys (manual start)
Floppy Disk Driver: System32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Volume Manager Driver: System32\DRIVERS\ftdisk.sys (system)
GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start)
GMSIPCI: \??\G:\INSTALL\GMSIPCI.SYS (manual start)
Generic Packet Classifier: System32\DRIVERS\msgpc.sys (manual start)
RME Hammerfall Audio Device: System32\DRIVERS\hdsp.sys (manual start)
Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Microsoft HID Class Driver: System32\DRIVERS\hidusb.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042 Keyboard and PS/2 Mouse Port Driver: System32\DRIVERS\i8042prt.sys (system)
CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
iPod Service: C:\Program Files\iPod\bin\iPodService.exe (manual start)
IPSEC driver: System32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: System32\DRIVERS\isapnp.sys (system)
Keyboard Class Driver: System32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Mouse Class Driver: System32\DRIVERS\mouclass.sys (system)
Mouse HID Driver: System32\DRIVERS\mouhid.sys (manual start)
WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
MSICPL: \??\G:\install4\MSICPL.sys (manual start)
Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: System32\DRIVERS\mssmbios.sys (manual start)
Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: System32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: System32\DRIVERS\netbios.sys (system)
NetBios over Tcpip: System32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (disabled)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Net Logon: %SystemRoot%\System32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
1394 Net Driver: System32\DRIVERS\nic1394.sys (manual start)
Network Location Awareness (NLA): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NTACCESS: \??\G:\NTACCESS.sys (manual start)
NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nv: System32\DRIVERS\nv4_mini.sys (manual start)
nvatabus: System32\DRIVERS\nvatabus.sys (system)
NVIDIA nForce Networking Controller Driver: System32\DRIVERS\NVENETFD.sys (manual start)
NVIDIA Network Bus Enumerator: System32\DRIVERS\nvnetbus.sys (manual start)
NVIDIA nForce(tm) RAID Class Driver: System32\DRIVERS\nvraid.sys (system)
NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart)
IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
Texas Instruments OHCI Compliant IEEE 1394 Host Controller: System32\DRIVERS\ohci1394.sys (system)
PCI Bus Driver: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
Silicon Image SiI 0680 Medley Raid Controller: System32\DRIVERS\pnp680r.sys (system)
IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
PowerCore: System32\DRIVERS\PCore.sys (manual start)
WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Processor Driver: System32\DRIVERS\processr.sys (system)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
QoS Packet Scheduler: System32\DRIVERS\psched.sys (manual start)
Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: System32\DRIVERS\rdpdr.sys (manual start)
Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
Nintendo Wi-Fi USB Connector Service: System32\DRIVERS\rt25usbap.sys (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: System32\DRIVERS\secdrv.sys (autostart)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
SetupNTGLM7X: \??\G:\NTGLM7X.sys (manual start)
StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system)
StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system)
Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SiI-3114 SoftRaid 5 Controller: System32\DRIVERS\Si3114r5.sys (system)
SATALink driver accelerator: System32\DRIVERS\SiWinAcc.sys (system)
Acronis Snapshots Manager: System32\DRIVERS\snapman.sys (system)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
sptd: System32\Drivers\sptd.sys (system)
System Restore Filter Driver: \SystemRoot\System32\DRIVERS\sr.sys (disabled)
System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Srv: System32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (manual start)
Software Bus Driver: System32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
SynasUSB: system32\drivers\SynasUSB.sys (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP Protocol Driver: System32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: System32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows User Mode Driver Framework: C:\WINDOWS\System32\wdfmgr.exe (autostart)
Microcode Update Driver: System32\DRIVERS\update.sys (manual start)
Universal Plug and Play Device Host: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
Midiman USB MidiSport 2x2 Loader: system32\drivers\usb22ldr.sys (manual start)
Microsoft USB Standard Hub Driver: System32\DRIVERS\usbhub.sys (manual start)
Midiman USB MidiSport 2x2 Midi Driver: system32\drivers\usbmm2x2.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: System32\DRIVERS\usbohci.sys (manual start)
USB Mass Storage Driver: System32\DRIVERS\USBSTOR.SYS (manual start)
Messenger Sharing USN Journal Reader service: C:\WINDOWS\system32\svchost.exe -k usnsvc (manual start)
VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Automatic Updates: %systemRoot%\System32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Common Controller For Windows Driver Service: system32\DRIVERS\xnacc.sys (manual start)
NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller: System32\DRIVERS\yk51x86.sys (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*No values found*

--------------------------------------------------

End of report, 33,593 bytes
Report generated in 0.125 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

 

Hi Alex W

Can you tell me the last time you ran "windows update "?

Do you use Registry Mechanic?
If so you will need to restore it from ewido quarantine.
Open Ewido
Click Quarantine on the left side.
Look for the following item:

Registry Mechanic

Click to highlight the above item only, then click Restore.

I would suggest caution when using any Registry cleaners.

I will go through the start up list this evening.

Geri

 

Wow, I can't believe how helpful you've been so far, thank you so much.

The last update I downloaded for windows was SP2.

Thanks for the tip regarding registry mechanic, I do use it.

 

Hi Alex
I have asked TeMerc (The Expert here) to look over the start up list.
Please be patient we have not forgot about you

Geri