There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
 
Malware Removal & HijackThis Logs
Tag Cloud
audio bios blue screen boot bsod computer connection crash dcom dell driver drivers email error excel firefox google hard drive hardware hijackthis internet laptop logon logs off macro malware microsoft motherboard network networking problem ram recovery router screen slow software sound trojan usb userinit.exe virus vista webcam wifi windows windows 7 windows 7 64 bit windows xp wireless
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > Malware Removal & HijackThis Logs >
Solved: Alcra (New)

Tip: Click here to scan for System Errors and Optimize PC performance
[ Sponsored Link ]

Closed Thread
 
Thread Tools
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
06-Jul-2007, 09:33 PM #1
Solved: Alcra
Hi! I think I have gotten the Alcra worm, as LimeWire keeps popping up and won't stay closed. My Spy Sweeper just expired so of course something like this happens the next day. What should I do??
Thanks.....


Logfile of HijackThis v1.99.1
Scan saved at 8:29:34 PM, on 7/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\outlook\outlook.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/comcast.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] "C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe"
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [McAgentexe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [McUpdateexe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [SAClient] "C:\Program Files\Comcast\BBClient\Programs\RegCon.exe" /admincheck
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [SetDefPrt] "C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe"
O4 - HKLM\..\Run: [ControlCenter2.0] "C:\Program Files\Brother\ControlCenter2\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/s...ad/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/k...an_unicode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/def...x.1.0.0.67.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...6/mcinsctl.cab
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.com/resources/neut...s/DigWebX2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1148136023750
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/14...2/cpbrkpie.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - c:\program files\yahoo!\installs\ymmapi.dll
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...16/mcgdmgr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/...chsettings.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (Application) (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
Register for free to hide this ad!
MFDnNC's Avatar
Distinguished Member with 49,029 posts.
  
Join Date: Sep 2004
06-Jul-2007, 09:46 PM #2
NOTE: If you have downloaded ComboFix previously please delete that version and download it again!

Download this file :

http://www.techsupportforum.com/sect...s/ComboFix.exe
or
http://download.bleepingcomputer.com...a/ComboFix.exe

Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJack log in your next reply

Note:
Do not mouseclick combofix's window while its running. That may cause it to stall
===========

Download Superantispyware (SAS) free home version

http://www.superantispyware.com/supe...freevspro.html

Install it and double-click the icon on your desktop to run it.
· It will ask if you want to update the program definitions, click Yes.
· Under Configuration and Preferences, click the Preferences button.
· Click the Scanning Control tab.
· Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
· On the main screen, under Scan for Harmful Software click Scan your computer.
· On the left check C:\Fixed Drive.
· On the right, under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan. Please be patient while it scans your computer.
· After the scan is complete a summary box will appear. Click OK.
· Make sure everything in the white box has a check next to it, then click Next.
· It will quarantine what it found and if it asks if you want to reboot, click Yes.
· To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
· Click close and close again to exit the program.
· Please paste that information here for me with a new HijackThis log.

This will take some time!!!!!!!!
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
06-Jul-2007, 11:20 PM #3
While ComboFix was running, a message popped up saying, "C:\windows\system32\cmd.com is not a valid Win32 application." It would not let me close the message window and nothing else ever happened, except that all the desktop icons vanished. I tried it twice and had to restart the computer.
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
07-Jul-2007, 10:46 AM #4
***
MFDnNC's Avatar
Distinguished Member with 49,029 posts.
  
Join Date: Sep 2004
07-Jul-2007, 01:59 PM #5
Download pocket killbox from http://www.thespykiller.co.uk/files/killbox.exe & put it on the desktop where you can find it easily

now Start killbox paste the first file listed below into the full pathname and file to delete box

The file name will appear in the window and if the file exists it will appear in blue under that window then select standard file kill, press the red X button, say yes to the prompt and once the file deleted message comes up then repeat for each file in turn

C:\WINDOWS\system32\CMD.COM
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tracert.com
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
07-Jul-2007, 03:40 PM #6
Here is the ComboFix log:

"Valued Customer" - 2007-07-07 2:31:20 - ComboFix 07-07-07.3 - Service Pack 2


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ALLUSE~1\APPLIC~1.\TEMP
C:\onoes.exe
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\areabomb.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\beetlezap.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\bonusrow.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\bonustimer.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\bucketfilled.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\clearpyramid.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\cleartriangle1a.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\cleartriangle1b.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\cleartriangle1c.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\cleartriangle2a.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\cleartriangle2b.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\cleartriangle2c.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\colorchain.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\dialogbox.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\drumbeat.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\fillrow.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\gateopen.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\helptip.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\powerup.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\rotateboardleft.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\timerup.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\warning.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\audio\sfx\warning2.ogg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\artifacts-bb.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\bar.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\chamber0.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\chamber1.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\circledoor.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\full_screen_dialog .jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\global-hs-bb_large.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\global-hs-bb_small.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\help-bb_large.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\help-bb_small.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\hexfield.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\hidden-artifact_icon.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\large_dialog.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\local-hs-bb.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\small_dialog.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\textfield.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\backgrounds\trifield.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetlehover1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetlehover2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetlehover3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetlehover4.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetleshock1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetleshock2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetleshock3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetleshock4.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\beetletatoo.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\dirt.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\scarabpost.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\scarabpostovr.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\beetles\tritop.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowdown_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowdown_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowdown_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowleft_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowleft_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowleft_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowright_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowright_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowright_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowup_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowup_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\arrowup_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\bluearrowleft_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\bluearrowleft_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\bluearrowleft_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\bluearrowright_down.pn g
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\bluearrowright_over.pn g
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\bluearrowright_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\checkdown.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\checkup.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\long_button_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\long_button_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\long_button_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\orange-button_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\orange-button_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\orange-button_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\rotleft_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\rotleft_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\rotleft_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\rotright_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\rotright_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\rotright_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\simplebutton_down.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\simplebutton_over.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\simplebutton_up.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\sliderknob.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\sliderknobover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\buttons\sliderrail.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\characters\anwar\look\pl0001.p ng
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\characters\bast\look\bl0001.pn g
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\characters\kristine\look\kl000 1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\crackedstopper.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\cursor.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\doorlights.txt
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\fonts\jackarmstrong.mvec
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\fonts\lithos.mvec
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\greybomb.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\helptips\arrowkeys.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\helptips\helptip.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\levels\levels.dat
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\models\disk.mesh
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\models\equilateraltriangle.mes h
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\models\flattri.mesh
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\models\pyramid.mesh
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\models\quad.mesh
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\models\rotatingpyramid.mesh
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\models\scarabpanel.mesh
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\p1icon.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\scenes\page1-0.xml
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\scenes\page1-1.xml
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\scenes\panel1-0-1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\scenes\panel1-1-1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\scorecloud.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\setup.xml
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\areashockwave.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\bolt_1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\bolt_2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\bolt_3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\bolt_4.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\bolt_starter.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\bolt_tail.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\flash.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\rubble.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\smoke.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\smoke2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\sfx\smoke3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\splash\aol_logo.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\splash\playfirst_logo.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\statues\statue0\snake_dirty.pn g
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\statues\statue1\arm01_dirty.pn g
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\statues\statue1\mask01_1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\statues\statue1\statue01_dirty .jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\stopper.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\timer.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\timerglow.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\timericon.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\tm.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mouseblue1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mouseblue2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mouseblue3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mousegreen1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mousegreen2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mousegreen3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mousered1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mousered2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mousered3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mouseyellow1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mouseyellow2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\trails\mouseyellow3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\areabomb.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\areabombrollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\blue.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\bluerollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\boardfill.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\brick.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\brick1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\brick2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\brick3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\bricktip.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\clearanim\cleared1.p ng
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\clearanim\cleared2.p ng
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\clearanim\cleared3.p ng
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\clearanim\cleared4.p ng
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\clearanim\cleared5.p ng
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\clearanim\cleared6.p ng
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\eye1.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\eye2.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\eye3.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\eye4.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\green.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\greenrollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\plain_tri-blue.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\plain_tri-bluerollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\plain_tri-green.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\plain_tri-greenrollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\plain_tri-red.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\plain_tri-redrollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\plain_tri-yellow.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\plain_tri-yellowrollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\red.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\redrollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\wild.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\wildrollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\yellow.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\triangles\yellowrollover.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\upsell\image0.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\upsell\image1.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\upsell\image2.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\upsell\image3.jpg
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\bluebucket.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\buckettriangle.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\chainlink.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\chaintip.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\genericbucket.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\greenbucket.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\redbucket.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\smallblue.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\smallgreen.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\smallred.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\smallyellow.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\urnglow.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\urnplatform.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\urns\yellowbucket.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\assets\warning.png
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\error.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\game.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\gameover.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\hiscore.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\hiscoreinfo.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\hiscoresubmit.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\instructions.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\leveldesign.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\levelover.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\mainarcade.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\mainconfirm.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\maincontinue.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\maingames.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\mainpuzzle.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\maphelptip.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\options.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\pause.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\quitconfirm.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\start.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\storyplayer.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\style.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\screens\upsell.lua
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\strings.xml
C:\WINDOWS\DOWNLO~1.\TriJinx.1.0.0.67\TriJinx.exe
C:\WINDOWS\DOWNLO~1\UDC6_0001_D18M1108NetInstaller.exe
C:\WINDOWS\install.exe
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\mc-110-12-0000121.exe
C:\WINDOWS\system32\zxdnt3d.cfg
C:\WINDOWS\yoinsi.exe


((((((((((((((((((((((((( Files Created from 2007-06-07 to 2007-07-07 )))))))))))))))))))))))))))))))


2007-07-06 21:04 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-04 22:23 <DIR> d--hs---- C:\Program Files\outlook
2007-07-04 22:23 <DIR> d--hs---- C:\DOCUME~1\VALUED~1\Complete
2007-06-27 02:28 28,672 --a------ C:\WINDOWS\system32\f3PSSavr.scr
2007-06-27 02:28 <DIR> d-------- C:\Program Files\MyWebSearch
2007-06-10 22:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecretsOfOlympus
2007-06-08 22:40 <DIR> d-------- C:\Program Files\Ballistik
2007-06-08 21:04 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-07 02:24:57 -------- d-----w C:\Program Files\FunWebProducts
2007-07-06 02:23:22 -------- d-----w C:\DOCUME~1\VALUED~1\APPLIC~1\Comcast
2007-07-06 01:59:55 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-07-05 15:24:02 -------- d-----w C:\Program Files\LimeWire
2007-06-27 07:28:29 -------- d-----w C:\Program Files\MSN Messenger
2007-06-11 02:58:11 -------- d-----w C:\Program Files\bfgclient
2007-05-20 20:05:36 -------- d-----w C:\Program Files\Oberon Media
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-09 08:03:53 -------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-17 03:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-17 03:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 03:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-17 03:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-17 03:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 03:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 03:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-17 03:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-17 03:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-04-17 03:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
2006-04-17 19:37 438848 --a------ C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
2006-01-06 12:52 181752 --a------ C:\Program Files\Yahoo!\Common\yiesrvc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2002-10-18 14:07 C:\WINDOWS\AGRSMMSG.exe]
"@"="" []
"QuickFinder Scheduler"="C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE" [2002-08-15 07:54]
"StorageGuard"="C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-18 04:01]
"McAgentexe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 19:29]
"McUpdateexe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 13:05]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2003-08-17 22:50]
"SAClient"="C:\Program Files\Comcast\BBClient\Programs\RegCon.exe" [2002-12-20 16:43]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [2003-08-08 19:02]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-13 21:36]
"SetDefPrt"="C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe" [2004-05-25 09:16]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 09:34]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-09-19 16:13]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-04-03 18:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 04:23]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 23:32]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-03-01 20:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe" [2005-05-09 18:16]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell ExecuteHooks]
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="C:\Program Files\ewido\security suite\shellhook.dll" [2005-12-04 15:56]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\Webroo tSpySweeperService]


Contents of the 'Scheduled Tasks' folder
2007-07-05 06:38:04 C:\WINDOWS\tasks\MP Scheduled Scan.job
2007-07-07 05:00:06 C:\WINDOWS\tasks\User_Feed_Synchronization-{619EF4B0-C52B-4CFE-B755-1EFF20C56A18}.job
2007-06-30 08:00:02 C:\WINDOWS\tasks\wrSpySweeper20060707223425.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-07 02:35:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-07 2:36:06
C:\ComboFix-quarantined-files.txt ... 2007-07-07 02:35

--- E O F ---
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
07-Jul-2007, 03:41 PM #7
And here is the Hijack log:

Logfile of HijackThis v1.99.1
Scan saved at 2:38:48 AM, on 7/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/comcast.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [McAgentexe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [McUpdateexe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [SAClient] "C:\Program Files\Comcast\BBClient\Programs\RegCon.exe" /admincheck
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [SetDefPrt] "C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe"
O4 - HKLM\..\Run: [ControlCenter2.0] "C:\Program Files\Brother\ControlCenter2\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/s...ad/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/k...an_unicode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/def...x.1.0.0.67.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...6/mcinsctl.cab
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.com/resources/neut...s/DigWebX2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1148136023750
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/14...2/cpbrkpie.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - c:\program files\yahoo!\installs\ymmapi.dll
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...16/mcgdmgr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/...chsettings.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (Application) (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
MFDnNC's Avatar
Distinguished Member with 49,029 posts.
  
Join Date: Sep 2004
07-Jul-2007, 03:57 PM #8
Go ahead with SAS
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
07-Jul-2007, 06:03 PM #9
Here is half of the SAS log:

SUPERAntiSpyware Scan Log
Application Version : 3.9.1008

Core Rules Database Version : 3266
Trace Rules Database Version: 1277

Scan type : Complete Scan
Total Scan Time : 01:21:45

Memory items scanned : 422
Memory threats detected : 0
Registry items scanned : 5648
Registry threats detected : 33
File items scanned : 87935
File threats detected : 645

Browser Hijacker.Internet Explorer Zone Hijack
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com\click
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com\click#https
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com\click
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com\click#https
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com\redirect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com\redirect#https

Adware.Tracking Cookie
C:\Documents and Settings\Valued Customer\Cookies\valued customer@limbourgondier1.pornzonehost[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-zoomerang.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.revsci[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@jacquieetmichel.sexy.carasexe[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@statse.webtrendslive[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@hardcoreslutadventures.allaxxxess[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-findlaw.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-verizon.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@advertisersclearinghouse.aavalue[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www6.addfreestats[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@mediaplex[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@audit.median[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adlegend[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@atdmt[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@media.licenseacquisition[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@intermediairfw[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@statcounter[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@cgi-bin[4].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@edge.ru4[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@precisionclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@entrepreneur[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@carasexe[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@roiservice[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wfloald5slo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@checkstat[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@aria[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@cs.sexcounter[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjkycjd5wbo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@engine.letsstat[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-publiciswest.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tribalfusion[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-interlifeform.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-movielink.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.belstat[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@limbourgondier.pornzonehost[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@txt.medialand[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@icc.intellisrv[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wfkialczceo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@list[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@citi.bridgetrack[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adbrite[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@medianewsgroup[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pornenmeer[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@indiads[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www2.liveadulthost[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@pornfreakzzz[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@offers.intermediainteractive[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.belstat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@revsci[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.sextekort[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www7.addfreestats[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stats.drivecleaner[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@webstats4u[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@popular[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-comcast.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nl.sitestat[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@advertising[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@amateurs[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@image.masterstats[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@interclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@partner2profit[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@video.pornhost[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-globalgamingleague.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-ifilm.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@images.crossmediaservices[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.uk.tangozebra[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@casalemedia[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@sun[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stat.onestat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sales.liveperson[4].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wgkiakcpoeq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adbrite[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@eztracks.aavalue[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@fastclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@24296[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ad[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@adserver2.teracent[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@48770159[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@adserver.adremedy[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.pointroll[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@mediaplayer.xmissy[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@drivecleaner[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.zanox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www3.addfreestats[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@kanoodle[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjliaicjslp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@69553378[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sextracker[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.xxxmsncam[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@clicktorrent[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjl4kiczedo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ads.addesktop[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-mindshare.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@banners.plattformad[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@44153975[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-ignitemedia.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@counter13.sextracker[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@1306385[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@tripod.lycos[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-verizoncommunications.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@questionmarket[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.xxxloading[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@men4sexnow[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@serving-sys[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.monster[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@yourporntube[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@adserv.muchosucko[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@admarketplace[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@focalex[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.bigpornforum[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@babesonly.pornzonehost[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@maxxx-videos[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@faelinho04.pornwebring[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@bluestreak[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-verizonwireless.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@adserver1.teracent[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-revlon.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-nestleusainc.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.entrepreneur[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pornwebring[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.teens-photos[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@likecrack[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ads.bridgetrack[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@server.iad.liveperson[7].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wgkychajmap.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.maxxx-videos[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@indextools[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.sexmaxx[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@megaporndump[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@counter1.supercounter[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.pornoamateurs[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adultadworld[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www5.addfreestats[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@bigpornforum[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@estat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.xxx-amateurs[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@justelite[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-inforspaceinc.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@tracker.esecure-transaction[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pornminded[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@banner.prestigecasino[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ez-tracks[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@pt.crossmediaservices[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@tijd[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@cpvfeed[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ads4.blastro[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@phg.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@teencumshots.blogspot[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@adserve.webtoolcafe[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ad.eclickdirect.com[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@S005-01-5-9-246403-73932[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@countercentral[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@msnportal.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.yieldmanager[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.intermediairfw[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@hentaicounter[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.addfreestats[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www4.addfreestats[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@bb1[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@clicks.emarketmakers[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjkoumcjegq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.zanox-affiliate[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wfkyogazaeo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@trafficmp[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@realmedia[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@valueclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.fatpenguinmedia[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tripod.lycos[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.topsexfilms[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-gameshownet.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@azoogleads[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ads2.blastro[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@55114292[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.realtechnetwork[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-traderpublishing.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.nudeteenphoto[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@msnprod.oberon-media[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@metacafe.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@qnsr[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ads.planetactive[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.statsync[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@statse.webtrendslive[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.sexyavenue[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-hancockfabricsinc.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@3.adbrite[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-adidas.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.onetwoporn[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.as4x.tmcs[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.ez-tracks[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@a-stat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@tradetracker[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@43075689[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@clickauditor[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@babesex[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@hotnsexy[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@banner.flamingoclub[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@mystat.synch[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@38278[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tacoda[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjkooid5wbo.stats.esomniture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfk4sod5oco.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@eighthstreet.pornzonehost[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sextv1[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@smileycentral[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@66702201[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@click.payserve[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-maniatv.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@server.iad.liveperson[6].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@atwola[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@wt.sexsearch[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.sex19[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@da-tracking[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@38262[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@adserving.autotrader[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ads.cnn[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-knightridder.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@banners.nbcupromotes[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@gallery.lost-media[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@2.adbrite[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-randomhouse.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ads3.blastro[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@statsync[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@server.iad.liveperson[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pornspinner[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@24218[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sales.liveperson[5].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6whkiopdpgko.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-youtube.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@bs.serving-sys[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-thomsonhealthcareinc.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stats.ilsemedia[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@stats.manticoretechnology[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@xiti[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adopt.specificclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@anad.tacoda[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@as-eu.falkag[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@bannerlandia.com[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-attworldnet.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-dig.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@justelite.blogspot[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@videoegg.adbureau[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stat.dealtime[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@38274[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[10].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@38302[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@specificclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@mediabrains[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@dirtypornzone[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@homepornmovies[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads2.nooja[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@server.lon.liveperson[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6whmiuld5ggo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.cluster02.oasis.zmh.zope[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@xxxporn[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tremor.adbureau[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjnysmd5cgo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6walikpczeko.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@paypal.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@eroticlick[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6whloandpibo.stats.esomniture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.nudefreexxx[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-jobster.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@be.sitestat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjny-1gd5kb.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sitestat.kpn-is[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ehg-overseenet.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjkykjcpsbp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjlyejcjcbo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@amateur-sexygirls[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@clickbank[2].txt
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
07-Jul-2007, 06:04 PM #10
and the rest of it:

C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.mediamayhemcorp[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@xxxmofo[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.xmissyporn[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-aaa.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad1.clickhype[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.3pintracking[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.evtv1[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@warlog[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.adultswim[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.xxxmofo[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@statse.webtrendslive[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@exit.adult[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@be.sitestat[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@24291[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjlyukcpmdo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@indexstats[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sales.liveperson[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.addynamix[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adserver.weakgame[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjk4unazwfp.stats.esomniture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-playboy.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.pornbilly[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@counter.surfcounters[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@superstats[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@38291[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@uk.sitestat[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.best-free-sex[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@hollandxxx[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wfmighd5akp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adopt.euroclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjkyohd5mlq.stats.esomniture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@girlsaddict.porn-host[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.adultgirls.****s[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.goyk[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-traderelectronicmedia.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjlyekd5wgq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@popularscreensavers[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-digg.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tctubantiaadverteren[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@click.email-publisher[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.uk.tangozebra[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tracker.myspacemaps[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6whl4aiajshq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjnysocpmfp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.traderonline[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.planetofsex[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@bbs.porncity[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@www.pornsmurf[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@meetupcom.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tradedoubler[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@dealtime[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfk4amcjaap.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.clicksex.com[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.amateursex[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@rotator.adjuggler[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.adult-mpg[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@38295[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjl4gkczcgp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-simplyaudiobooksinc.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@2.marketbanker[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stats2.clicktracks[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sexsearchcom[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfmismd5cbp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pornoamateurs[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nl.sitestat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@counter.rewardsnetwork[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@hit.stat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.sextv1[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adultswim[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.onetwosoftporn[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-looksmart.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nursexybabes[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tienerkutjes.jouwporno[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-viacom.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@galerias.sexole[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@besthomesex[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-rodale.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sexlog[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.drivecleaner[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@perf.overture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stats.privacyprotector[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wakywlcjafp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.text.tbn[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@thebestporn[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@38275[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjnywoczifp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-reebok.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@media.adrevolver[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@blockbuster.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.macromedia[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-helio.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www2.addfreestats[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@usenext[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@counter.mtree[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjnysjcpklp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.homesweethomesex[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-lowermybills.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@s.clickability[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.best-free-sex[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@ads.mouseplanet[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@cnn.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-pizzahut.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@alyssa_doll_loves_john[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.3dstats[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stat-counter.fabrica.net[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@onetwoporn[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@cc.bridgetrack[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@imc2.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjny-1ic5ob.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfliogcjkfq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6whk4ciazwaq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.sexlog[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@clickstream.stylehive[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@counter7.sextracker[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@track.sendtraffic[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@enterprise.clickdefense[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-taubman.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adrevolver[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@inthecrack[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@774.stats.misstrends[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.pornaddicted[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@jones99.freestats[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjnyegczmgp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.k8l[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.inthecrack[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.rowise[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjkykhdjakp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-jag.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pixel.ilsemedia[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sexsearchcom[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@thebossxxx[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tracking.foxnews[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@m1.webstats4u[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@tracker.mediatracker.co[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.potracksgalore[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.jamster[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-bizjournals.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-space.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@hotlog[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@realsexcash[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfkiopazcfo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfkiqld5weo.stats.esomniture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@clicktracks.aristotle[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfk4skdjgkp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.webstat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@mediabom[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@comcast.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@xmissyporn[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.onetwopornlinks[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sales.liveperson[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad2.adnetinteractive[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adserving.cpxinteractive[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ecnext.advertserve[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www8.addfreestats[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjkyelcpaep.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjlyaod5cbo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@e-2dj6wjnywiajecp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-stacksandstacks.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.eroticlick[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sex-photo[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wgkyancpoeq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfmicpdpcgp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.getporny[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nl.sitestat[4].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-warnerbrothers.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.burstbeacon[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@burstnet[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.adultdreamhost[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@allpotracks[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.megaporndump[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.telegraph.co[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@secure.budgettracker[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfmiegcpekp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nl.sitestat[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@peliculas.sexole[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.twsexporn[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@web4.realtracker[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6whkyagdjikp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wglykmcjwbp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wgl4wmdjaaq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@optimost[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.free-sex-sexy-gallery[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjlosjdjglq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-financialaid.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfmigodzmho.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.guardian.co[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.pornminded[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@wt.sexsearchcom[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@vhost.oddcast[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sexyvideos.smartvideochannel[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@amateurgalore.pornzonehost[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@webstat[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@onetwosoftporn[1].txt
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
07-Jul-2007, 06:05 PM #11
and the last part that wouldn't fit....

C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.first****teens[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@jamster[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wgkyelazkbo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nl.sitestat[6].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjliglc5cdp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfk4qmazefo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.belstat[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-futuredontics.hitbox[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@4.adbrite[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@analytics.clickpathmedia[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@amlocalhost.trymedia[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjlighc5weo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.ppctracking[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adprofile[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjnycodjcep.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@toplist[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjlykgc5cgq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjloujajmgq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@educationmanagementllc.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@realhomesex[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.xxxmovieforum[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjkoekdzihp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjnysgajiho.stats.esomniture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@expired.revenuedirect[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@justsexyvideos[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nakedteenpics.blogspot[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.hollandxxx[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjlocncjsbp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@realhomesex[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.dirtypornzone[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ameriprisestats[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@euros4click[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.freeporndumpster[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@kidsource.advertserve[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.intentmediaworks[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@bizrate[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@media3.sitebrand[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.adbrite[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjl4ckd5wbo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.xplusone[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@freecodesource.advertserve[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@track.searchignite[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.gmbtrack[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6walieocpahp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@gostats[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@teengirlz[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@vip2.clickzs[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-adteractive.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.belointeractive[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.pointroll[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.us.e-planning[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.bannerconnect[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.sex18young[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nl.sitestat[5].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@m1.webstats.motigo[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@getporny[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ero-advertising[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@jazzdump.juicypornhost[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@microsoftwlsearchcrm.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sevenloadgmbh.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@keywordmax[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adv.webmd[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.greenmarquee[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[8].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-aha.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@er4ddrtv.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.tcmdb[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@anat.tacoda[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@apmebf[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.realtechnetwork[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@server.iad.liveperson[5].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@cz6.clickzs[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.teengirlz[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@buycom.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-suite101.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@2.adbrite[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.pornaddicted[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[4].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@care2.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@azjmp[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjnyepd5gko.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[6].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@partners.webmasterplan[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@viamtvcom.112.2o7[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[9].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjk4gmcpcfq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@data2.perf.overture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfkoqocjkcp.stats.esomniture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wflocndjobp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pornbilly[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stats.canalblog[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@twelvefifteen[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfkoeod5efp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.townhall[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@yadro[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfkyujcjobq.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.sexsearchcom[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@bizjournals.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pornaddicted[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@a.websponsors[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.clickmanage[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.potrackdirectory[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@roskatrack.roskadirect[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjnycmc5mdp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfmyeocjabp.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@popunderadvertise[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.oberon-media[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.advertyz[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@clicksor[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wfkiagcjabp.stats.esomniture[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.thewheelof[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@starz.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@counter2.hitslink[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@heavycom.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.dealtime[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@cz5.clickzs[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@richmedia.yahoo[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@emimusic.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@server.iad.liveperson[3].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@server.iad.liveperson[4].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.newgrounds[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.zango[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@spamblockerutility[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@data4.perf.overture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@altastat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@linksynergy[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-ioffer.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@eyeblast.adbureau[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.sexmummy[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.adnetinteractive[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@reunioncom.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@newmotioninc.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@247realmedia[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.burstnet[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ezzs.valueclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@stats1.clicktracks[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@mediamax[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@counter.hitslink[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ads.expedia[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pro-market[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@valueclick[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@microsoftwga.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@mcclatchy.112.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ehg-darden.hitbox[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.amateurporn4free[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@adtech[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6wjlyapajgeo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@youngporn[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@counter12.sextracker[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.iconadserver[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.adtegrity[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[5].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@amateurgalore.pornzonehost[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@nextag[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@cz3.clickzs[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@sexlist[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@server.cpmstar[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@CAJDKFTR.txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@pornaddicted[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@eas.apm.emediate[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@uk.sitestat[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@harpo.122.2o7[1].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@youramateurporn[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@ad.interclick[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@zango[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[11].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@overture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@www.googleadservices[7].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@media.chicagoreader[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued_customer@e-2dj6whkicldjogo.stats.esomniture[2].txt
C:\Documents and Settings\Valued Customer\Cookies\valued customer@partner2profit[1].txt

Adware.180solutions/Search Assistant
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid32
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib
HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib#Version
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid32
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib
HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib#Version
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid32
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib
HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib#Version

Adware.180solutions/ZangoSearch
HKCR\Interface\{DD469A88-316C-441D-B712-783D9B9A6707}
HKCR\Interface\{DD469A88-316C-441D-B712-783D9B9A6707}\ProxyStubClsid
HKCR\Interface\{DD469A88-316C-441D-B712-783D9B9A6707}\ProxyStubClsid32
HKCR\Interface\{DD469A88-316C-441D-B712-783D9B9A6707}\TypeLib
HKCR\Interface\{DD469A88-316C-441D-B712-783D9B9A6707}\TypeLib#Version

Adware.Elite Media
HKLM\Software\elite
HKLM\Software\elite#check
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downlo aded Program Files\elite.ocx [  ]

Adware.IST/ISTBar (Slotch Bar)
HKU\S-1-5-21-1047054364-3676479340-3288185684-1005\Software\Microsoft\Internet Explorer\Main#BandRest [ Never ]
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main#BandRest [ Never ]

Adware.MovieLand/MediaPipe
C:\PROGRAM FILES\FSUPPORT\NOTIFIER.EXE

Adware.eXact Advertising
C:\PROGRAM FILES\MICROSOFT ANTISPYWARE\QUARANTINE\9B592C75-BFE5-4112-A3BB-A41F8A\BC993CFB-5207-48FA-8236-C417A1

Adware.MyWebSearch
C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSOEMON.EXE

Malware.DriveCleaner
C:\QOOBOX\QUARANTINE\C\WINDOWS\DOWNLO~1\UDC6_0001_D18M1108NETINSTALLER.EXE. VIR

Trojan.MediaPipe-Variant
C:\WINDOWS\SYSTEM32\ENTRY.DLL

Trojan.Unknown Origin
C:\WINDOWS\TEMPF.TXT
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
07-Jul-2007, 06:06 PM #12
And here is the Hijack log:

Logfile of HijackThis v1.99.1
Scan saved at 5:05:56 AM, on 7/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/comcast.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [McAgentexe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [McUpdateexe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [SAClient] "C:\Program Files\Comcast\BBClient\Programs\RegCon.exe" /admincheck
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [SetDefPrt] "C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe"
O4 - HKLM\..\Run: [ControlCenter2.0] "C:\Program Files\Brother\ControlCenter2\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/s...ad/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/k...an_unicode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/def...x.1.0.0.67.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...6/mcinsctl.cab
O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.com/resources/neut...s/DigWebX2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1148136023750
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/14...2/cpbrkpie.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - c:\program files\yahoo!\installs\ymmapi.dll
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...16/mcgdmgr.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/...chsettings.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (Application) (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
MFDnNC's Avatar
Distinguished Member with 49,029 posts.
  
Join Date: Sep 2004
07-Jul-2007, 06:19 PM #13
Your Ewido is old and has been replace by AVG AS 7.5 (Not ot be confused with their AV)

http://www.ewido.net/en/download/

Clean
If you feel its is fixed mark it solved via Thread Tools above

Turn off restore points, boot, turn them back on – here’s how

http://service1.symantec.com/SUPPORT...rc=sec_doc_nam

This clears infected restore points and sets a new, clean one.
Englishem's Avatar
Member with 46 posts.
  
Join Date: Nov 2005
Experience: Beginner
08-Jul-2007, 07:11 PM #14
I think everything is good now.
Thank you!!!!!
Closed Thread Bookmark and Share   techguy.org/592663

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Smart Search

Find your solution!


« Previous Thread | Malware Removal & HijackThis Logs | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.

Thread Tools


Twitter Twitter! | Podcast | Mobile | Advertise
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -5. The time now is 04:29 PM.
Copyright © 1996 - 2010 TechGuy, Inc. All rights reserved.
Powered by vBulletin, Copyright © 2000 - 2010, Jelsoft Enterprises Ltd.
 Powered by Cermak Technologies, Inc.