need help with->DOS/ALUREON.E

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

need help with->DOS/ALUREON.E

Post by dannyr on 25th November 2011, 6:56 pm

NEED HELP WITH --> DOS/ALUREON.E
I CAN NOT ACCESS THE INTERNET FROM THE INFECTED COMPUTER TO RUN THE OTL YOU GUYS NEED THIS VIRUS OR WHATEVER IT IS IS PRETTY NASTY

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 26th November 2011, 8:03 pm

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
Please try this. Boot your computer in Safe Mode with NetWorking. Download, install and run a scan with MBAM. Reboot in Normal mode and try to run the scan again.

[You must be registered and logged in to see this link.]

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 26th November 2011, 10:03 pm

here you go


Malwarebytes' Anti-Malware 1.51.2.1300
[You must be registered and logged in to see this link.]

Database version: 8209

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/25/2011 4:56:26 PM
mbam-log-2011-11-25 (16-56-26).txt

Scan type: Full scan (C:\|)
Objects scanned: 218286
Time elapsed: 45 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 7
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDesktop (PUM.Hidden.Desktop) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 26th November 2011, 11:18 pm

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
************************************************
Download DDS from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.] and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control [You must be registered and logged in to see this link.].Then post your DDS logs. (DDS.txt and Attach.txt )

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 27th November 2011, 12:00 am

Dave the computer infected can't download from the internet how else can I install sas and dds?


danny r

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 27th November 2011, 1:01 am

[You must be registered and logged in to see this link.] wrote:Dave the computer infected can't download from the internet how else can I install sas and dds?


danny r
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 27th November 2011, 1:38 am

Dave this virus is has the devices with removable storage hidden or disabled so i can't use CD-RW Do you know any tricks before I use USB?

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 27th November 2011, 2:13 am

[You must be registered and logged in to see this link.] wrote:Dave this virus is has the devices with removable storage hidden or disabled so i can't use CD-RW Do you know any tricks before I use USB?
It will work just the same with the USB.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 27th November 2011, 2:15 am

Yea I know I'm Just Scared of infecting another pc but I will try anyhow, I'm not near the computer now so I will update you monday, Have a good weekend...

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 28th November 2011, 2:49 pm

dave please provide the link to download the updates for sas so i can manually install them to the infected computer


* If you encounter any problems while downloading the updates, manually download and unzip them from here

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 28th November 2011, 4:54 pm

dave the dds freezes the computer any idea why? im running otl now will that help you? and here are the sas logs




SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 11/28/2011 at 10:00 AM

Application Version : 5.0.1136

Core Rules Database Version : 7988
Trace Rules Database Version: 5800

Scan type : Quick Scan
Total Scan Time : 00:04:25

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 421
Memory threats detected : 0
Registry items scanned : 31336
Registry threats detected : 9
File items scanned : 6910
File threats detected : 676

PUP.StartNow Toolbar
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}#ProgID
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}#VersionIndependentProgID
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}#TypeLib
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\InprocServer32
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\InprocServer32#ThreadingModel
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\Programmable
HKU\S-1-5-21-725345543-682003330-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}

Adware.Tracking Cookie
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BH86NJ3O.txt [ Cookie:system@ru4.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\SW72XHBJ.txt [ Cookie:system@imrworldwide.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BJLC7VH3.txt [ Cookie:system@ads.gamersmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NQTFHUSD.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\I1SFHTVW.txt [ Cookie:system@dc.tremormedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KLQL8R9O.txt [ Cookie:system@geltmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\804HLYPR.txt [ Cookie:system@p354t1s3578352.kronos.bravenetmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\OO8I1LL8.txt [ Cookie:system@tacoda.at.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\2XI8OUKQ.txt [ Cookie:system@stat.onestat.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1ZB88W1H.txt [ Cookie:system@ox-d.enveromedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\0EDPAE8G.txt [ Cookie:system@pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\N0HFP5PF.txt [ Cookie:system@media6degrees.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\2XC1YU0Z.txt [ Cookie:system@ar.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YI2MHXW0.txt [ Cookie:system@revsci.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\O6I2BCWP.txt [ Cookie:system@a1.interclick.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\8M3SILKM.txt [ Cookie:system@akamai.interclickproxy.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\V42A5WCU.txt [ Cookie:system@marchex.bafind.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\T4OO1JXR.txt [ Cookie:system@solvemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\X32CT1EE.txt [ Cookie:system@atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\TT8VSW3M.txt [ Cookie:system@rotator.adjuggler.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\55R0F82L.txt [ Cookie:system@beacon.dmsinsights.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\ASJSHN13.txt [ Cookie:system@trafficno.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\PP2A1DRJ.txt [ Cookie:system@doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\K4AFDR1X.txt [ Cookie:system@pfatracking.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YCZLP9O4.txt [ Cookie:system@ads.react2media.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\QG1CRMWC.txt [ Cookie:system@marriner.rotator.hadj7.adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\8Z6VROLE.txt [ Cookie:system@eyewonder.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\QWTRG5BB.txt [ Cookie:system@lucidmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\L3DWLI55.txt [ Cookie:system@clicks.thespecialsearch.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\CCE6RF4A.txt [ Cookie:system@goodcholesterolcount.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LJSG0HFE.txt [ Cookie:system@getclicky.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\E71RKDW3.txt [ Cookie:system@kitaramedia.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\FCA40R5C.txt [ Cookie:system@trafficmp.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\VEB4RMXF.txt [ Cookie:system@collective-media.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\MUG2CU31.txt [ Cookie:system@c.gigcount.com/ ]
.adinterax.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JLM1AGS8.txt [ Cookie:system@ads.pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\7MPZC2TR.txt [ Cookie:system@amazon-adsystem.com/ ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\HN8883Z3.txt [ Cookie:system@realmedia.com/ ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\ZT5LE6NM.txt [ Cookie:system@mediatraffic.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YVNMO6GY.txt [ Cookie:system@trackalyzer.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\MI6YVXEF.txt [ Cookie:system@burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\GUEFND44.txt [ Cookie:system@ghmedia.com/ ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.mediabrandsww.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JO2UMAN3.txt [ Cookie:system@adjuggler.net/ ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\03PDL3OV.txt [ Cookie:system@adbrite.com/ ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\HCAEFWRU.txt [ Cookie:system@fidelity.rotator.hadj7.adjuggler.net/servlet/ajrotator/146993/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\6UU7K94I.txt [ Cookie:system@yieldmanager.net/ ]
in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\Z9WHGAQV.txt [ Cookie:system@apmebf.com/ ]
dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\HPTTZ2IJ.txt [ Cookie:system@adxpose.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\8A88ZGJ8.txt [ Cookie:system@adup.rotator.hadj7.adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\G8GNNFKW.txt [ Cookie:system@advertise.com/ ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BU8A0HNA.txt [ Cookie:system@hhm.rotator.hadj7.adjuggler.net/ ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\XM29FK13.txt [ Cookie:system@realmedianetwork.net/ ]
wstat.wibiya.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.thefind.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.thefind.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.thefind.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.thefind.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\0YH3EBZT.txt [ Cookie:system@pro-market.net/ ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BOQUBNGK.txt [ Cookie:system@entrepreneur.com/ ]
.adlegend.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\HW37FRX7.txt [ Cookie:system@xm.xtendmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\803XXCRX.txt [ Cookie:system@bizzclick.com/ ]
.getclicky.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\O0GW1NKI.txt [ Cookie:system@casalemedia.com/ ]
.c.gigcount.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.draftfcb.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adservices.picadmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adservices.picadmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.picadmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\QVZNZM7Z.txt [ Cookie:system@adserver.adtechus.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KL69BL7T.txt [ Cookie:system@filter.plusfind.net/ ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\6EFI3R42.txt [ Cookie:system@r1-ads.ace.advertising.com/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.traffichaus.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\2AYO0YEX.txt [ Cookie:system@madethecut.112.2o7.net/ ]
xxxbunker.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxxbunker.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxxbunker.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\592OOLY7.txt [ Cookie:system@server.cpmstar.com/ ]
.cofidis2.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
sftrack.searchforce.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\TGDK2TOA.txt [ Cookie:system@tracking.awesomedailywinner.com/ ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\E7KZ37QP.txt [ Cookie:system@statcounter.com/ ]
.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\EOPQGNXH.txt [ Cookie:system@tribalfusion.com/ ]
imagevenue.advertserve.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
imagevenue.advertserve.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\J6YA3HGF.txt [ Cookie:system@247realmedia.com/ ]
track.effiliation.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\OGYLWGC1.txt [ Cookie:system@p179t1s7070017.kronos.bravenetmedia.com/ ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KL4973RG.txt [ Cookie:system@smartadserver.com/ ]
.hardsextube.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ads.zeusclicks.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ads2.zeusclicks.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\VHTGAXXN.txt [ Cookie:system@xml.trafficengine.net/ ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\6QDACNE7.txt [ Cookie:system@adtech.de/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\VPA05QQF.txt [ Cookie:system@clicksor.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\3JDRHLBJ.txt [ Cookie:system@mm.chitika.net/ ]
.xiti.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\D00FLTQN.txt [ Cookie:system@web-traffic-analysis.net/ ]
.bzresults.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\TENG7SF6.txt [ Cookie:system@advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\B3C90DLW.txt [ Cookie:system@content.yieldmanager.com/ ]
adserving.autotrader.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.zgstats.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjk4wkdzwlq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkykjdpsdp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JCV20MTD.txt [ Cookie:system@c.atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\8UVBIGXQ.txt [ Cookie:system@findology.com/ ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\HSW2NXCI.txt [ Cookie:system@p220t1s5853762.kronos.bravenetmedia.com/ ]
.discounttire.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.discounttiredirect.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.discounttiredirect.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.discounttiredirect.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\7P80P85I.txt [ Cookie:system@indieclick.com/ ]
ads.ventivmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.girlsteachsex.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BB1KNIDH.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\SYOD0ER1.txt [ Cookie:system@myroitracking.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\MU7R1THJ.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
.e-2dj6wjnyohazgfp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LBGB51W1.txt [ Cookie:system@google.com/support/accounts/ ]
clicktrace.info [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clicktrace.info [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clicktrace.info [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.dexporn.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.dexporn.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\PJQ13SB2.txt [ Cookie:system@jobsfinderpro.jobamatic.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\AK99G2LK.txt [ Cookie:system@eas.apm.emediate.eu/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\ODKSNXJ2.txt [ Cookie:system@optimize.indieclick.com/ ]
.emediatrack.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekoqpd5cgo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\HTHGJKO9.txt [ Cookie:system@adsonar.com/adserving ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\S1BW4VQY.txt [ Cookie:system@bridge1.admarketplace.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\CWHG2I5M.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\E3OH8IRT.txt [ Cookie:system@warnerbros.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\U2J3OM0B.txt [ Cookie:system@chimeraadvertising.com/ ]
.dexporn.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\PXZ8424L.txt [ Cookie:system@adinterax.com/ ]
.e-2dj6wjmykldjmcq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.freecamsexposed.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.freecamsexposed.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.freecamsexposed.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.freecamsexposed.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\Y6OK6SNX.txt [ Cookie:system@adserver.leanmarket.com/ ]
.e-2dj6wjk4ooczwgp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\CF0NSXXF.txt [ Cookie:system@p304t1s7136489.kronos.bravenetmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1OXRU3H9.txt [ Cookie:system@burstbeacon.com/ ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\IQMX3MOU.txt [ Cookie:system@findgreatwindows.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\28GQQR8T.txt [ Cookie:system@xml.prostreammedia.com/ ]
us.sitestat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
us.sitestat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\27FAO45T.txt [ Cookie:system@lfstmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\08FWAD9A.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\CKFG26AG.txt [ Cookie:system@ads.bridgetrack.com/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
d.gravityadnetwork.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JWMFCKU4.txt [ Cookie:system@uiadserver.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\PSPNS9DT.txt [ Cookie:system@martiniadnetwork.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\N7ENM2GV.txt [ Cookie:system@tradedoubler.com/ ]
.epicporntube.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.epicporntube.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\GZFR0ZL7.txt [ Cookie:system@static.getclicky.com/ ]
.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.nakedbigbootymodels.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.nakedbigbootymodels.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
s05.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 28th November 2011, 4:55 pm

[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.microsoftwlcashback.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
gs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\FK7CVI2Z.txt [ Cookie:system@crackle.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\73712FHV.txt [ Cookie:system@ehg-wss.hitbox.com/ ]
.e-2dj6wnkoqkdpcgq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmlicjczmdo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmykjdpccp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\PKQMDS9U.txt [ Cookie:system@statse.webtrendslive.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\UWWT9D6R.txt [ Cookie:system@track.dimestore.com/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\H5IQUYZ8.txt [ Cookie:system@kontera.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\3EONQ16L.txt [ Cookie:system@tracking.roxburycloud.com/ ]
optimize.indieclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
gotacha.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
optimize.indieclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
optimize.indieclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.indieclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\66QV8ALO.txt [ Cookie:system@tag.2bluemedia.hiro.tv/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NC7KK5K2.txt [ Cookie:system@search.hot-find.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LLJQ0UGP.txt [ Cookie:system@p216t1s4838190.kronos.bravenetmedia.com/ ]
.e-2dj6wmmykpcpwlp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\XGEBN4R8.txt [ Cookie:system@google.com/accounts/ ]
.clickaider.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\I6N51RDK.txt [ Cookie:system@azjmp.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1NWF6B2W.txt [ Cookie:system@adlegend.com/ ]
.mtvn.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NDX7I8PK.txt [ Cookie:system@beta-ads.ace.advertising.com/ ]
.daywithapornstar.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.daywithapornstar.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.daywithapornstar.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.daywithapornstar.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.banners.blacksexmatch.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\9OK1FB0M.txt [ Cookie:system@content.yieldmanager.com/ak/ ]
.banners.blacksexmatch.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.banners.blacksexmatch.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.banners.blacksexmatch.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.banners.blacksexmatch.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.banners.blacksexmatch.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bdsm.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bdsm.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bdsm.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\GESTJ1UM.txt [ Cookie:system@js.pixelrevenue.com/ ]
.bdsm.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bdsm.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.bdsm.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfl4agd5ggp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KJ6X90HZ.txt [ Cookie:system@histats.com/ ]
s06.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\WT2H2H58.txt [ Cookie:system@p170t1s6919435.kronos.bravenetmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LPZHTN36.txt [ Cookie:system@yadro.ru/ ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\XTVZ0HZE.txt [ Cookie:system@clickbooth.com/ ]
.e-2dj6wfmisndpcdq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\3S70A2AM.txt [ Cookie:system@adserving.ezanga.com/ ]
.e-2dj6aekyoodjaao.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\AVK98K0P.txt [ Cookie:system@adultfriendfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KQ6RADN9.txt [ Cookie:system@ad.looktraffic.com/ ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\B71PY2YW.txt [ Cookie:system@aimfar.solution.weborama.fr/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjny-1ndpah.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlywicjgdp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\VHZLZV7G.txt [ Cookie:system@flatwatermedia.com/ ]
.e-2dj6wgkikgcpakq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\RY3G2UA1.txt [ Cookie:system@associatedcontent.112.2o7.net/ ]
adserve.nicoclub.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KU6QHHI4.txt [ Cookie:system@2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\J8160XHD.txt [ Cookie:system@click.jve.net/ ]
.andomedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
cn.clickable.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NXKO5X9V.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\7WX8N6NL.txt [ Cookie:system@p365t1s3581544.kronos.bravenetmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\PG9HHBEN.txt [ Cookie:system@admin.valueclickmedia.com/ ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.discountedwheelwarehouse.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.discountedwheelwarehouse.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\VH8527B3.txt [ Cookie:system@valueclickmedia.com/ ]
.roiservice.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.myxer.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.myxer.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.myxer.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.myxer.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\7MBGTWLD.txt [ Cookie:system@googleads.g.doubleclick.net/ ]
.myxer.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.myxer.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adbureau.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YSKGOGYE.txt [ Cookie:system@liveperson.net/hc/7046965 ]
clickclickandgo.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\32R91QCU.txt [ Cookie:system@clicks.geltmedia.com/ ]
.clickfuse.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YMSV1R6Q.txt [ Cookie:system@goclicker.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\TAKXIKZJ.txt [ Cookie:system@bizrate.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\TCPSYSBP.txt [ Cookie:system@vanityfair.com/etc/designs/foundation/ads/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\6LB9UP7Z.txt [ Cookie:system@ads.bloggingclicks.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\OA1CB2HJ.txt [ Cookie:system@p142t1s7070018.kronos.bravenetmedia.com/ ]
.warnerbros.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1Z8YASUM.txt [ Cookie:system@fondnessmedia.com/ ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.web-stat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\D6LRBJVV.txt [ Cookie:system@linksynergy.com/ ]
.web-stat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.web-stat.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LMAQD7OZ.txt [ Cookie:system@ads.adultswim.com/ ]
.eaeacom.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YKSICNP8.txt [ Cookie:system@paypal.112.2o7.net/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\EJXIPVA3.txt [ Cookie:system@nandomedia.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\M3RVVMAN.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YNEH2QWE.txt [ Cookie:system@travel.aol.com/discount-travel/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\UXB9X2GS.txt [ Cookie:system@infrastrategy.122.2o7.net/ ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\RZSFRM2K.txt [ Cookie:system@directtrack.com/ ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickboothlnk.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
publishers.clickbooth.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YH3V5OHU.txt [ Cookie:system@trackstatsnow.com/ ]
.gumaxxx.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.gumaxxx.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.toplist.eu [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.toplist.cz [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.toplist.sk [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\8P7RF12X.txt [ Cookie:system@ero-advertising.com/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\M0ZG9B92.txt [ Cookie:system@mifind.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YXKF1VUD.txt [ Cookie:system@vanityfair.com/Stats/ ]
.interflora2.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.interflora2.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.interflora2.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\CBFZEEIN.txt [ Cookie:system@gsimedia.net/ ]
.interflora2.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\VDSU7SRK.txt [ Cookie:system@accounts.google.com/intl/en/ ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.hotfiremedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\DWLUJH1T.txt [ Cookie:system@histats.com/stats/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\RDJXET7W.txt [ Cookie:system@hitbox.com/ ]
.adxpansion.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.dexporn.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\0ZYEJAUL.txt [ Cookie:system@click.payperclick.co.il/ ]
.akamai.interclickproxy.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\Q0SWEBBM.txt [ Cookie:system@servedby.adxserve.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\0G7ZX4E6.txt [ Cookie:system@rackspace.112.2o7.net/ ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
tracking.publicidees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.avgtechnologies.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\ZLH7CUQX.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\XO12KSO4.txt [ Cookie:system@mtvn.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KH0T8XPM.txt [ Cookie:system@cdn.fondnessmedia.com/css/fondnessmedia/images/ ]
.e-2dj6wjmyakc5ico.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelywpcpifo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\FWJISMOT.txt [ Cookie:system@brandspotmedia.com/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.tracking.dsmmadvantage.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\708DYZL9.txt [ Cookie:system@lokyfind.com/ ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\T7ZV8X9G.txt [ Cookie:system@cdn.jemamedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NGXZTR04.txt [ Cookie:system@p312t1s7070619.kronos.bravenetmedia.com/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\SA2CPAI1.txt [ Cookie:system@overture.com/ ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.xxxmatch.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LNJTYBTS.txt [ Cookie:system@cpmserver.com/ad/view/ ]
.ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\E5O3B3ME.txt [ Cookie:system@adform.net/ ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adnetxchange.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adnetxchange.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\G4I8PS54.txt [ Cookie:system@fastclick.net/ ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\Z2NSH4EE.txt [ Cookie:system@dlxclick.com/ ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.myroitracking.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\CL868L73.txt [ Cookie:system@pluckit.demandmedia.com/ ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\7QW0G0PA.txt [ Cookie:system@tracking.google-placement.com.re.getclicky.com/ ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
jinamedia.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
xxx-tube69.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.exoclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
delivery.trafficbroker.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\GV5LVWXZ.txt [ Cookie:system@dmtracker.com/ ]
.adxpansion.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.trafficholder.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.enoratraffic.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\I82GZSJP.txt [ Cookie:system@bloggingclicks.com/ ]
.advertise.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\2UBP1LO3.txt [ Cookie:system@discountssoftware.com/ ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\WMPE7UBQ.txt [ Cookie:system@pubads.g.doubleclick.net/ ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\6R01JMHB.txt [ Cookie:system@ubermedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YUEQUBD2.txt [ Cookie:system@asseenonpc.directtrack.com/ ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\8480PWA0.txt [ Cookie:system@tlvmedia.com/ ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\UQHRBWUS.txt [ Cookie:system@hotlog.ru/ ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\EPQN48Q3.txt [ Cookie:system@tracking1.aleadpay.com/ ]
.adinterax.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.clickintext.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.exoclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\OMLOAYF9.txt [ Cookie:system@youngentrepreneur.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\2UROXIL7.txt [ Cookie:system@acewebtraffic.com/ ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\3KJV08Q7.txt [ Cookie:system@stats.ilivid.com/ ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\AL0DBF15.txt [ Cookie:system@vanityfair.com/apps/foundation/components/cn_ad_init/ ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\ROT1BRB3.txt [ Cookie:system@mlbam.112.2o7.net/ ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1KQY7XGT.txt [ Cookie:system@educationcom.112.2o7.net/ ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\FQIONQOU.txt [ Cookie:system@micklemedia.com/ ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\YX9EELKN.txt [ Cookie:system@discountinsurers.com/ ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\6TIJKDHI.txt [ Cookie:system@mediaforge.com/ ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\PBPA3FXB.txt [ Cookie:system@p413t1s6586928.kronos.bravenetmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\RWN12ABI.txt [ Cookie:system@5minmedia.com/ ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\59D7I19D.txt [ Cookie:system@liveperson.net/hc/10599399 ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\7DSU8TY0.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\874MMKIA.txt [ Cookie:system@video.adultswim.com/ ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\E1760V7Z.txt [ Cookie:system@view.atdmt.com/AVE/iview/353966750/direct;wi.728;hi.90/01/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\DWZJEPGZ.txt [ Cookie:system@peer1.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\0UM7TSUT.txt [ Cookie:system@s.clickability.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\GXXVGGUG.txt [ Cookie:system@liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\99ERTPDJ.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\X9YVNW18.txt [ Cookie:system@vanityfair.com/hollywood/features/2011/11/naked-hollywood-slideshow-201111/_jcr_content/cn_page_metadata/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\Z26UR7LQ.txt [ Cookie:system@network.realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\UUZF4MGN.txt [ Cookie:system@servedby.adxpower.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1Q7W9OGJ.txt [ Cookie:system@affiliate.tpptracker.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1PBRSMTM.txt [ Cookie:system@openstat.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\RZ0MEGIK.txt [ Cookie:system@citi.bridgetrack.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\GHZD21SW.txt [ Cookie:system@youngbucks.rotator.hadj7.adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\5KXBQ2E5.txt [ Cookie:system@search.seek-media.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\SI4WC9PU.txt [ Cookie:system@search.goinggreenfind.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\0H21SPMP.txt [ Cookie:system@gettyimages.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1GWRGIID.txt [ Cookie:system@my.enveromedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\QB4973CI.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\S3FTR6Q6.txt [ Cookie:system@liveperson.net/hc/65985954 ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\SSWQDKFZ.txt [ Cookie:system@asrvstatsmanager.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\D8GOIPHE.txt [ Cookie:system@unrealshoppingdiscounts.pgpartner.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\14XWY8LA.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\FPDLYU3R.txt [ Cookie:system@nhl.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\MG60BLWQ.txt [ Cookie:system@p304t1s7126949.kronos.bravenetmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\VTGCML0G.txt [ Cookie:system@search.clicksare.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\MQUMM2D8.txt [ Cookie:system@lifestyle.gourmandia.com/advertisement/includes/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\6O3E3L2W.txt [ Cookie:system@servedby.adxpower.com/servlet/ajrotator/278895/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\016E533N.txt [ Cookie:system@kanoodle.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\H36GPI3P.txt [ Cookie:system@p413t1s7119594.kronos.bravenetmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\GRULSMMO.txt [ Cookie:system@findyourdegree.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\XA0DRLZW.txt [ Cookie:system@aim4media.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\RUNP3TMG.txt [ Cookie:system@da-tracking.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\5YCM38RX.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\P7MR1NP1.txt [ Cookie:system@cn.clickable.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\8GT251K0.txt [ Cookie:system@media2.legacy.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\K4FP09NA.txt [ Cookie:system@qistmedia.com/ad/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\CNHIQKI0.txt [ Cookie:system@p413t1s4342884.kronos.bravenetmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LIEUYU1D.txt [ Cookie:system@cmp.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\RFSXP3CS.txt [ Cookie:system@citygridmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JQOV1529.txt [ Cookie:system@carnivaldiscountcruises.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\QNOJA6XZ.txt [ Cookie:system@server.iad.liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\M28ME5KZ.txt [ Cookie:system@[You must be registered and logged in to see this link.] ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\E59R5JET.txt [ Cookie:system@ckmtracker.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LE9F1OHO.txt [ Cookie:system@msnbc.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\4SGMSYHL.txt [ Cookie:system@admin.fastclick.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\66XE590B.txt [ Cookie:system@traveladvertising.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\XXG35CYV.txt [ Cookie:system@banners.trafficengine.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\EEDOJYP1.txt [ Cookie:system@xml.titusmedia.com/ ]

Trojan.Agent/Gen-FraudScan[Comp]
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\ENVA4UBHA3KVTK.EXE
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\YHPFHLUDYLBSNDD.EXE

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 28th November 2011, 4:57 pm

here is another log



SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 11/28/2011 at 10:48 AM

Application Version : 5.0.1136

Core Rules Database Version : 7988
Trace Rules Database Version: 5800

Scan type : Complete Scan
Total Scan Time : 00:35:23

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 395
Memory threats detected : 0
Registry items scanned : 35354
Registry threats detected : 10
File items scanned : 90155
File threats detected : 0

PUP.StartNow Toolbar
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}#ProgID
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}#VersionIndependentProgID
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}#TypeLib
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\InprocServer32
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\InprocServer32#ThreadingModel
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\Programmable
HKLM\Software\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
HKCR\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
HKU\S-1-5-21-725345543-682003330-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 28th November 2011, 4:59 pm

Here is OTL Log


OTL logfile created on: 11/28/2011 11:46:53 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\bridge\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 85.53% Memory free
2.45 Gb Paging File | 2.30 Gb Available in Paging File | 93.90% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 57.22 Gb Free Space | 80.08% Space Free | Partition Type: NTFS

Computer Name: BYPC3 | User Name: bridge | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/28 11:33:04 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bridge\Desktop\OTL.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | -H-- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Updater Service for StartNow Toolbar)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (Application Updater)
SRV - [2011/04/27 15:39:26 | 000,011,736 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/11/05 10:59:38 | 000,875,288 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2008/11/05 10:59:38 | 000,231,704 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 11:27:04 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Documents and Settings\bridge\Desktop\freespywareremoval\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:24 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/11/05 10:59:54 | 000,076,040 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/11/05 10:59:50 | 000,097,928 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2008/11/05 10:59:48 | 000,026,824 | -H-- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2006/07/27 17:24:28 | 001,171,464 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/05/17 14:03:24 | 000,044,544 | RH-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/10/20 10:59:26 | 000,048,640 | -H-- | M] (Ranioshack Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003/11/17 18:59:20 | 000,212,224 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 18:58:02 | 000,680,704 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 18:56:26 | 001,042,432 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-725345543-682003330-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.selectedEngine: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {91da5e8a-3318-4f8c-b67e-5964de3ab546}:3.7.0.6
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.265.2
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2011/09/03 16:30:28 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF [2011/09/03 16:30:28 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/11 08:00:41 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/11 08:00:37 | 000,000,000 | -H-D | M]

[2008/10/30 13:09:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\bridge\Application Data\Mozilla\Extensions
[2011/11/21 12:42:33 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\extensions
[2011/04/17 11:13:52 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/21 14:46:25 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/11/27 18:18:05 | 000,001,490 | -H-- | M] () -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\searchplugins\AOL Search.xml
[2011/09/30 14:13:44 | 000,001,945 | -H-- | M] () -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\searchplugins\bing-zugo.xml
[2011/09/27 13:10:50 | 000,000,939 | -H-- | M] () -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\searchplugins\conduit.xml
[2011/11/11 08:00:41 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2011/11/05 01:53:18 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/01 11:27:14 | 000,411,368 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/11/27 18:18:05 | 000,001,490 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\AOL Search.xml
[2011/11/04 22:21:03 | 000,002,252 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/04 22:21:03 | 000,002,040 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/11/25 15:43:53 | 000,438,612 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15088 more lines...
O2 - BHO: (Bridge Auto Parts Toolbar) - {37d0e5c3-24d6-46bc-86db-72cdb80b13de} - C:\Program Files\Bridge_Auto_Parts\prxtbBrid.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (Bridge Auto Parts Toolbar) - {37d0e5c3-24d6-46bc-86db-72cdb80b13de} - C:\Program Files\Bridge_Auto_Parts\prxtbBrid.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-682003330-839522115-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-682003330-839522115-1004\..\Toolbar\WebBrowser: (Bridge Auto Parts Toolbar) - {37D0E5C3-24D6-46BC-86DB-72CDB80B13DE} - C:\Program Files\Bridge_Auto_Parts\prxtbBrid.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-725345543-682003330-839522115-1004\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [yhpfHLuDYLbSnDD.exe] C:\Documents and Settings\All Users\Application Data\yhpfHLuDYLbSnDD.exe File not found
O4 - HKU\S-1-5-21-725345543-682003330-839522115-1004..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-725345543-682003330-839522115-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-725345543-682003330-839522115-1004..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.22) Gecko/20110902 Firefox/3.6.22 ( .NET CLR 3.5.30729)" -"http://www8.agame.com/games/flash/l/lose_the_heat_2/lose_the_heat_2_agame_com.html" File not found
O4 - Startup: C:\Documents and Settings\bridge\Start Menu\Programs\Startup\autoease.lnk = C:\Program Files\FacetCorp\FacetWin\FacetWin Terminal Configurations\autoease.fwt ()
O4 - Startup: C:\Documents and Settings\bridge\Start Menu\Programs\Startup\OfficePopup.lnk = C:\Program Files\OfficePopup\OfficePopup.exe ()
O4 - Startup: C:\Documents and Settings\bridge\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\bridge\Start Menu\Programs\Startup\QuickButtons General.lnk = C:\Program Files\QuickButtons\QuickButtons.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: Web-Based Email Tools [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASWINLO.DLL) - C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\bridge\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\bridge\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASSEH.DLL (SuperAdBlocker.com)
O32 - Unable to open key or key not present!
O32 - AutoRun File - [2008/10/27 22:55:53 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\WINDOWS\System32\
[2011/11/28 11:42:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\bridge\Desktop\OTL.exe
[2011/11/28 11:23:59 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\bridge\Desktop\dds.pif
[2011/11/28 09:50:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/11/28 09:45:32 | 004,617,600 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\bridge\Desktop\SUPERAntiSpyware.exe
[2011/11/28 09:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bridge\Application Data\SUPERAntiSpyware.com
[2011/11/28 09:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/11/28 09:19:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bridge\Desktop\freespywareremoval
[2011/11/28 09:19:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\bridge\Desktop\dds.scr
[2011/11/25 16:57:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\bridge\Recent
[2011/11/25 09:19:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Local Settings\Application Data\PCHealth
[2011/11/25 08:15:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Start Menu\Programs\System Fix
[2011/11/22 09:09:12 | 000,000,000 | -H-D | C] -- C:\Program Files\Conduit
[2011/11/22 09:09:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Local Settings\Application Data\Bridge_Auto_Parts
[2011/11/22 09:08:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Bridge_Auto_Parts
[2011/11/21 13:51:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/11/21 13:51:22 | 000,000,000 | -H-D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/11/21 13:51:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/11/21 13:43:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Desktop\MASTER
[2011/11/21 13:43:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Desktop\ALL INTERNET PROTECTION
[2011/11/21 13:42:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\My Documents\New Folder
[2011/11/21 12:36:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Internet Logs
[2011/11/21 11:57:40 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Security Client
[2011/11/21 11:57:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/11/16 10:34:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple Computer
[2011/11/15 13:35:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/11/12 19:36:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\bridge\Local Settings\Application Data\4b14f1b1
[2011/11/06 17:54:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\My Documents\My Games
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\WINDOWS\System32\
[2011/11/28 11:43:19 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/28 11:38:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/28 11:33:04 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bridge\Desktop\OTL.exe
[2011/11/28 11:19:39 | 000,000,882 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc7a2da685e8d4.job
[2011/11/28 11:13:40 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\bridge\Desktop\dds.pif
[2011/11/28 11:04:02 | 000,000,886 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/28 09:42:53 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{79623B3E-72FC-401C-834F-64236350CB33}.job
[2011/11/28 09:11:38 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\bridge\Desktop\dds.scr
[2011/11/25 15:43:53 | 000,438,612 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/25 09:14:54 | 000,000,849 | -H-- | M] () -- C:\Documents and Settings\bridge\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/11/25 08:15:36 | 000,000,312 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTk
[2011/11/25 08:15:35 | 000,000,216 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTkr
[2011/11/25 08:15:34 | 000,000,831 | -H-- | M] () -- C:\Documents and Settings\bridge\Desktop\System Fix.lnk
[2011/11/25 08:15:26 | 000,000,344 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\eNvA4Ubha3KVTk
[2011/11/25 08:13:26 | 000,081,191 | -H-- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/11/23 19:32:00 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/21 14:52:29 | 000,484,640 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/21 14:52:29 | 000,087,542 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/21 13:41:41 | 000,000,104 | -H-- | M] () -- C:\Documents and Settings\bridge\Desktop\Shortcut to Internet.lnk
[2011/11/21 13:16:49 | 000,000,111 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\sys28076.bin
[2011/11/21 13:14:20 | 000,000,803 | RH-- | M] () -- C:\Documents and Settings\bridge\Desktop\Internet Explorer.lnk
[2011/11/21 13:01:29 | 000,001,393 | -H-- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/21 12:46:41 | 000,000,784 | -H-- | M] () -- C:\Documents and Settings\bridge\My Documents\Malwarebytes' Anti-Malware.lnk
[2011/11/21 12:17:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\2985366603
[2011/11/21 12:02:27 | 000,001,945 | -H-- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/11/21 11:57:32 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/21 11:24:56 | 000,000,005 | -H-- | M] () -- C:\Documents and Settings\bridge\hjhjhj.html
[2011/11/20 13:27:44 | 000,000,664 | -H-- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/07 13:04:38 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\bridge\Desktop\SUPERAntiSpyware.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/25 09:14:53 | 000,000,849 | -H-- | C] () -- C:\Documents and Settings\bridge\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/11/25 08:15:35 | 000,000,312 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTk
[2011/11/25 08:15:35 | 000,000,216 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTkr
[2011/11/25 08:15:34 | 000,000,831 | -H-- | C] () -- C:\Documents and Settings\bridge\Desktop\System Fix.lnk
[2011/11/25 08:15:26 | 000,000,344 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\eNvA4Ubha3KVTk
[2011/11/21 13:41:41 | 000,000,104 | -H-- | C] () -- C:\Documents and Settings\bridge\Desktop\Shortcut to Internet.lnk
[2011/11/21 13:14:20 | 000,000,803 | RH-- | C] () -- C:\Documents and Settings\bridge\Desktop\Internet Explorer.lnk
[2011/11/21 13:01:27 | 000,001,393 | -H-- | C] () -- C:\WINDOWS\imsins.BAK
[2011/11/21 12:46:41 | 000,000,784 | -H-- | C] () -- C:\Documents and Settings\bridge\My Documents\Malwarebytes' Anti-Malware.lnk
[2011/11/21 12:07:08 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/21 12:02:27 | 000,001,945 | -H-- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/11/21 11:24:56 | 000,000,005 | -H-- | C] () -- C:\Documents and Settings\bridge\hjhjhj.html
[2011/11/15 11:59:42 | 000,000,664 | -H-- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/30 13:21:11 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/06/29 11:03:22 | 000,000,341 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2010/06/29 11:02:53 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2010/06/29 11:02:53 | 000,000,373 | -H-- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2008/12/08 14:47:47 | 000,027,019 | -H-- | C] () -- C:\WINDOWS\maxlink.ini
[2008/11/18 10:27:33 | 000,000,776 | -H-- | C] () -- C:\Documents and Settings\bridge\Application Data\wklnhst.dat
[2008/10/30 13:09:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2008/10/28 11:03:14 | 001,617,920 | -H-- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/10/28 11:03:14 | 001,019,904 | -H-- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/10/28 11:03:13 | 001,662,976 | -H-- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/10/28 11:03:13 | 000,466,944 | -H-- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/28 11:03:11 | 001,470,464 | -H-- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/10/28 11:03:11 | 001,339,392 | -H-- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/10/28 11:03:11 | 000,581,632 | -H-- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2008/10/28 11:03:11 | 000,286,720 | -H-- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/10/28 11:03:08 | 000,442,368 | -H-- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/10/28 11:03:08 | 000,425,984 | -H-- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/10/28 11:03:08 | 000,196,608 | -H-- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008/10/27 22:58:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/10/27 22:53:21 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/10/27 14:47:18 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/10/27 14:46:16 | 000,173,872 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 23:59:42 | 000,018,904 | -H-- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 23:59:40 | 000,106,605 | -H-- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 12:51:02 | 000,020,698 | -H-- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 12:48:48 | 000,030,628 | -H-- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 12:48:28 | 000,031,698 | -H-- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/03/22 13:48:43 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 13:48:43 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 05:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,484,640 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,087,542 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/03/04 10:16:34 | 000,110,592 | RH-- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

========== LOP Check ==========

[2010/11/27 18:18:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2011/09/04 09:14:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/09/03 17:20:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/11/21 11:44:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/12/08 14:46:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/08/16 09:27:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/27 18:19:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\acccore
[2011/09/03 16:30:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\AVGTOOLBAR
[2011/09/30 13:21:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\CheckPoint
[2008/11/14 14:21:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/05 12:14:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\Fomine Software
[2011/09/06 14:18:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\GetRightToGo
[2011/10/21 10:03:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\IObit
[2010/10/01 12:31:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\OpenOffice.org
[2008/12/08 15:00:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\ScanSoft
[2008/11/18 10:27:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\Template
[2008/10/30 12:06:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\Windows Desktop Search
[2008/11/05 10:40:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\Windows Search
[2011/11/28 11:43:19 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/11/28 09:42:53 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{79623B3E-72FC-401C-834F-64236350CB33}.job

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.sys /90 >
[2011/09/06 08:20:51 | 001,858,944 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/10/27 14:45:36 | 000,094,208 | -H-- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008/10/27 14:45:36 | 000,634,880 | -H-- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008/10/27 14:45:36 | 000,905,216 | -H-- | M] () -- C:\WINDOWS\System32\config\system.sav

< %SYSTEMDRIVE%\*.* >
[2008/10/27 22:55:53 | 000,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT
[2008/10/27 22:51:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2008/10/27 22:55:53 | 000,000,000 | -H-- | M] () -- C:\CONFIG.SYS
[2008/10/27 22:55:53 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/11/27 18:18:13 | 000,000,470 | -H-- | M] () -- C:\IPH.PH
[2008/10/27 22:55:53 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/10/31 14:15:11 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/11/28 11:38:00 | 704,643,072 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2003/07/29 08:27:40 | 000,078,336 | -H-- | M] () -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\DLBCPP5C.DLL
[2008/07/06 07:06:10 | 000,089,088 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2001/11/20 14:37:28 | 000,047,616 | RH-- | M] (Black Ice Software) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\ppbiPr.dll

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB17754$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 28th November 2011, 5:01 pm

otl Extra log


OTL Extras logfile created on: 11/28/2011 11:46:53 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\bridge\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 85.53% Memory free
2.45 Gb Paging File | 2.30 Gb Available in Paging File | 93.90% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 57.22 Gb Free Space | 80.08% Space Free | Partition Type: NTFS

Computer Name: BYPC3 | User Name: bridge | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FacetCorp\FacetWin\fwagent.exe" = C:\Program Files\FacetCorp\FacetWin\fwagent.exe:*:Enabled:FacetWin Agent -- (FacetCorp)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\xdeep32_40\usr\X11R6\bin\xdeep32.exe" = C:\xdeep32_40\usr\X11R6\bin\xdeep32.exe:*:Enabled:xdeep32 -- ()
"C:\Program Files\OfficePopup\OfficePopup.exe" = C:\Program Files\OfficePopup\OfficePopup.exe:*:Enabled:OfficePopup -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{1C6BB780-7F9E-11D6-86C3-00104B700971}" = Monroe ERIS
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{29D4D03C-F70B-43d9-82E4-6E5696FB0D1D}" = IObit Toolbar v4.6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{5549C19D-46FE-4975-AD54-5B37E87FF6E2}" = SweetIM for Messenger 2.6
"{56839333-0802-40D6-9A50-EBB9EB2BF541}" = AVG 2012
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller
"{9ED71778-0E56-4760-9FC6-2C29D75100C5}" = Radioshack USB-to-Serial Cable Driver Installer
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AF499E52-3F6F-420F-A4E9-6341B4246E4B}" = ADP CollectAll Manager
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C252EB7B-7AE0-46DE-9BEE-DF681B885F13}" = Modem Diagnostic Tool
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EBAE7044-5EB0-4220-AC83-F4743F1DF775}" = ADP File Upload
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AVG8Uninstall" = AVG Free 8.0
"Bridge_Auto_Parts Toolbar" = Bridge Auto Parts Toolbar
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Photo Printer 720" = Dell Photo Printer 720
"FacetWinV1" = FacetWin
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OfficePopup_is1" = OfficePopup 2.44
"QuickButtons_1.0" = QuickButtons 1.61
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StartNow Toolbar" = StartNow Toolbar
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-725345543-682003330-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/27/2011 1:34:20 PM | Computer Name = BYPC3 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 11/27/2011 2:11:42 PM | Computer Name = BYPC3 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 11/27/2011 5:56:02 PM | Computer Name = BYPC3 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 11/27/2011 6:01:03 PM | Computer Name = BYPC3 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 11/28/2011 10:41:55 AM | Computer Name = BYPC3 | Source = MsiInstaller | ID = 11706
Description = Product: Dell Resource CD -- Error 1706.No valid source could be found
for product Dell Resource CD. The Windows Installer cannot continue.

Error - 11/28/2011 10:44:01 AM | Computer Name = BYPC3 | Source = MsiInstaller | ID = 11706
Description = Product: Dell Resource CD -- Error 1706.No valid source could be found
for product Dell Resource CD. The Windows Installer cannot continue.

Error - 11/28/2011 10:44:20 AM | Computer Name = BYPC3 | Source = MsiInstaller | ID = 11706
Description = Product: Dell Resource CD -- Error 1706.No valid source could be found
for product Dell Resource CD. The Windows Installer cannot continue.

Error - 11/28/2011 10:50:25 AM | Computer Name = BYPC3 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0,
P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 11/28/2011 11:18:36 AM | Computer Name = BYPC3 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0,
P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 11/28/2011 12:48:25 PM | Computer Name = BYPC3 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4
3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

[ System Events ]
Error - 11/28/2011 12:25:08 PM | Computer Name = BYPC3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86 Fips MpFilter Processor SASDIFSV SASKUTIL

Error - 11/28/2011 12:39:54 PM | Computer Name = BYPC3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86 Fips MpFilter Processor SASDIFSV SASKUTIL

Error - 11/28/2011 12:42:31 PM | Computer Name = BYPC3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/28/2011 12:42:37 PM | Computer Name = BYPC3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/28/2011 12:46:16 PM | Computer Name = BYPC3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/28/2011 12:46:19 PM | Computer Name = BYPC3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/28/2011 12:48:23 PM | Computer Name = BYPC3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 11/28/2011 12:48:23 PM | Computer Name = BYPC3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 11/28/2011 12:48:23 PM | Computer Name = BYPC3 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.115.2549.0 Update Source: %%859 Update Stage:
%%852 Source Path: Default URL Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM

Current
Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8007043c Error
description: This service cannot be started in Safe Mode

Error - 11/28/2011 12:48:32 PM | Computer Name = BYPC3 | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
[You must be registered and logged in to see this link.]

Name:
Trojan:DOS/Alureon.E ID: 2147650952 Severity: Severe Category: Trojan Path: boot:_\\.\PHYSICALDRIVE0\Partition3
(Type 17) Detection Origin: %%845 Detection Type: %%822 Detection Source: %%820 User:
NT AUTHORITY\SYSTEM Process Name: Unknown Action: %%808 Action Status: To finish
removing malware and other potentially unwanted software, restart the computer.
To see how to finish removing malware and other potentially unwanted software, see
the support article on the Microsoft Security website. Error Code: 0x800704ec Error
description: Windows cannot open this program because it has been prevented by
a software restriction policy. For more information, open Event Viewer or contact
your system administrator. Signature Version: AV: 1.115.2549.0, AS: 1.115.2549.0,
NIS: 0.0.0.0 Engine Version: AM: 1.1.7801.0, NIS: 0.0.0.0


< End of report >

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 28th November 2011, 8:11 pm

dave please provide the link to download the updates for sas so i can manually install them to the infected computer
Sorry. You can try this link.

* If you encounter any problems while downloading the updates, manually download and unzip them from [You must be registered and logged in to see this link.]

* Open OTL
* Copy and Paste the following text in the codebox into the Custom

Scans/Fixes
window.

Code:
:OTL

O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKU\S-1-5-21-725345543-682003330-839522115-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-682003330-839522115-1004\..\Toolbar\WebBrowser:
O4 - HKLM..\Run: [yhpfHLuDYLbSnDD.exe] C:\Documents and Settings\All Users\Application Data\yhpfHLuDYLbSnDD.exe File not found

:folders

C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTk
C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTkr
C:\Documents and Settings\All Users\Application Data\eNvA4Ubha3KVTk

:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
******************************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
**********************************************************
Please download ComboFix from [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

and save it to your Desktop.
It would be easiest to download using Internet Explorer.
If you want to use Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
Double click ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

If you have problems with ComboFix usage, see [You must be registered and logged in to see this link.]

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 29th November 2011, 3:22 pm

..


Last edited by dannyr on 29th November 2011, 3:53 pm; edited 2 times in total

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 29th November 2011, 3:23 pm

screen317's security check:

Results of screen317's Security Check version 0.99.28
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
AVG Free 8.0
AVG 2012
Microsoft Security Essentials
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 20
Java version out of date!
Adobe Flash Player ( 10.1.85.3) Flash Player out of Date!
Adobe Reader X (10.1.1)
Mozilla Firefox ((3.6.23)) Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 29th November 2011, 3:25 pm


Update on sas logs 2 attached below

#1:

SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 11/28/2011 at 05:15 PM

Application Version : 5.0.1136

Core Rules Database Version : 7988
Trace Rules Database Version: 5800

Scan type : Quick Scan
Total Scan Time : 00:03:40

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 276
Memory threats detected : 0
Registry items scanned : 31329
Registry threats detected : 0
File items scanned : 6968
File threats detected : 0


#2:


SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 11/28/2011 at 05:48 PM

Application Version : 5.0.1136

Core Rules Database Version : 7988
Trace Rules Database Version: 5800

Scan type : Complete Scan
Total Scan Time : 00:23:28

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 283
Memory threats detected : 0
Registry items scanned : 35340
Registry threats detected : 0
File items scanned : 90266
File threats detected : 0

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

OTL LOG

Post by dannyr on 29th November 2011, 3:53 pm

HERE IS OTL LOG

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-725345543-682003330-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-725345543-682003330-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\ not found.
File 1-5-21-725345543-682003330-839522115-1004\..\Toolbar\WebBrowser: not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\yhpfHLuDYLbSnDD.exe deleted successfully.
Error: Unable to interpret <:folders> in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 11282011_171750



....


Last edited by dannyr on 29th November 2011, 3:55 pm; edited 1 time in total

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

otl

Post by dannyr on 29th November 2011, 3:54 pm

[You must be registered and logged in to see this link.] wrote:superdave combo fix freezes don't know why

HERE IS OTL LOG ANYWAY:

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-725345543-682003330-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-725345543-682003330-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\ not found.
File 1-5-21-725345543-682003330-839522115-1004\..\Toolbar\WebBrowser: not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\yhpfHLuDYLbSnDD.exe deleted successfully.
Error: Unable to interpret <:folders> in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 11282011_171750



....

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 29th November 2011, 4:49 pm

Dave Combo Fix Freezes

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 29th November 2011, 11:16 pm

please try this.

Let's run a few more scans to see what turns up.

Please download [You must be registered and logged in to see this link.] ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives



On completion of the scan click save log, save it to your desktop and post in your next reply

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 30th November 2011, 6:02 pm

Dave:



aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-30 12:56:27
-----------------------------
12:56:27.578 OS Version: Windows 5.1.2600 Service Pack 3
12:56:27.578 Number of processors: 1 586 0x5F02
12:56:27.578 ComputerName: BYPC3 UserName:
12:56:27.968 Initialize success
12:56:38.843 AVAST engine download error: 0
12:56:48.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:56:48.562 Disk 0 Vendor: WDC_WD800JD-75MSA3 10.01E04 Size: 76293MB BusType: 3
12:56:50.593 Disk 0 MBR read successfully
12:56:50.609 Disk 0 MBR scan
12:56:50.625 Disk 0 Windows XP default MBR code
12:56:50.656 Disk 0 scanning sectors +156249984
12:56:50.718 Disk 0 scanning C:\WINDOWS\system32\drivers
12:56:58.125 Service scanning
12:57:01.171 Modules scanning
12:57:03.750 Disk 0 trace - called modules:
12:57:03.812 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
12:57:03.828 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a4cdab8]
12:57:03.859 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000005b[0x8a4fbe98]
12:57:07.140 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a4e5d98]
12:57:07.328 Scan finished successfully
12:57:45.125 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\bridge\Desktop\MBR.dat"
12:57:45.171 The log file has been saved successfully to "C:\Documents and Settings\bridge\Desktop\aswMBRlog.txt"

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 30th November 2011, 7:11 pm

computer still has no internet access

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 30th November 2011, 7:31 pm

Please download [You must be registered and logged in to see this link.] to Desktop and run it.



Checkmark the following boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP Configuration
  • Lst Last 10 Event Viewer Errors
  • List Users, Partitions and Memory Size

Click Go and copy/paste the log (Result.txt) into your next post. .

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 30th November 2011, 7:46 pm

MiniToolBox by Farbar
Ran by bridge (administrator) on 30-11-2011 at 14:43:19
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.40.128 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.40.1 gwmetric=0
set dns name="Local Area Connection" source=static addr=none register=PRIMARY
set wins name="Local Area Connection" source=static addr=none


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : BYPC3

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-18-8B-5A-5E-54

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.40.128

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.40.1

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 18 8b 5a 5e 54 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.40.1 192.168.40.128 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.40.0 255.255.255.0 192.168.40.128 192.168.40.128 20
192.168.40.128 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.40.255 255.255.255.255 192.168.40.128 192.168.40.128 20
224.0.0.0 240.0.0.0 192.168.40.128 192.168.40.128 20
255.255.255.255 255.255.255.255 192.168.40.128 192.168.40.128 1
Default Gateway: 192.168.40.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/30/2011 01:11:42 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist.

Error: (11/30/2011 01:11:42 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: with error: The server name or address could not be resolved

Error: (11/30/2011 01:10:40 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/30/2011 00:57:49 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/29/2011 01:42:23 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/29/2011 01:33:17 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (11/30/2011 02:42:17 PM) (Source: DCOM) (User: bridge)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/30/2011 02:26:37 PM) (Source: DCOM) (User: bridge)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/30/2011 02:25:35 PM) (Source: DCOM) (User: bridge)
Description: DCOM got error "%%1084" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (11/30/2011 01:26:24 PM) (Source: Microsoft Antimalware) (User: )
Description: %Trojan:DOS/Alureon.E60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:DOS/Alureon.E603

Name: Trojan:DOS/Alureon.E

ID: 2147650952

Severity: %Trojan:DOS/Alureon.E600

Category: %Trojan:DOS/Alureon.E602

Path: 3.0.8402.02

Detection Origin: 3.0.8402.04

Detection Type: 3.0.8402.08

Detection Source: %Trojan:DOS/Alureon.E608

User: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}9

Process Name: %Trojan:DOS/Alureon.E609

Action: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}1

Action Status: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}8

Error Code: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}3

Error description: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}4

Signature Version: 2011-11-30T18:16:21.390Z1

Engine Version: 2011-11-30T18:16:21.390Z2

Error: (11/30/2011 01:10:40 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.115.2549.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/30/2011 01:10:40 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/30/2011 01:10:40 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/30/2011 01:01:32 PM) (Source: DCOM) (User: bridge)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/30/2011 00:58:03 PM) (Source: Microsoft Antimalware) (User: )
Description: %Trojan:DOS/Alureon.E60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:DOS/Alureon.E603

Name: Trojan:DOS/Alureon.E

ID: 2147650952

Severity: %Trojan:DOS/Alureon.E600

Category: %Trojan:DOS/Alureon.E602

Path: 3.0.8402.02

Detection Origin: 3.0.8402.04

Detection Type: 3.0.8402.08

Detection Source: %Trojan:DOS/Alureon.E608

User: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}9

Process Name: %Trojan:DOS/Alureon.E609

Action: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}1

Action Status: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}8

Error Code: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}3

Error description: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}4

Signature Version: 2011-11-30T17:47:59.703Z1

Engine Version: 2011-11-30T17:47:59.703Z2

Error: (11/30/2011 00:57:49 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.115.2549.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (11/30/2011 01:11:42 PM) (Source: crypt32)(User: )
Description: [You must be registered and logged in to see this link.] network connection does not exist.

Error: (11/30/2011 01:11:42 PM) (Source: crypt32)(User: )
Description: [You must be registered and logged in to see this link.] server name or address could not be resolved

Error: (11/30/2011 01:10:40 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8007043cbeginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (11/30/2011 00:57:49 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8007043cbeginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (11/29/2011 01:42:23 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\PROCESSLISTRELATED.DB

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\PROCESSLISTRELATED.DB

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\PROCESSLIST.DB

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\PROCESSLIST.DB

Error: (11/29/2011 01:33:17 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\DETECT.WAV


========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 1982.42 MB
Available physical RAM: 1647.05 MB
Total Pagefile: 2505.46 MB
Available Pagefile: 2327.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.53 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:71.46 GB) (Free:57 GB) NTFS

========================= Users: ========================================

User accounts for \\BYPC3

Administrator bridge Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 30th November 2011, 11:21 pm

This is not the full log. Please run it again and post the complete log.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 2nd December 2011, 2:15 pm

MiniToolBox by Farbar
Ran by bridge (administrator) on 30-11-2011 at 14:43:19
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.40.128 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.40.1 gwmetric=0
set dns name="Local Area Connection" source=static addr=none register=PRIMARY
set wins name="Local Area Connection" source=static addr=none


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : BYPC3

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-18-8B-5A-5E-54

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.40.128

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.40.1

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 18 8b 5a 5e 54 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.40.1 192.168.40.128 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.40.0 255.255.255.0 192.168.40.128 192.168.40.128 20
192.168.40.128 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.40.255 255.255.255.255 192.168.40.128 192.168.40.128 20
224.0.0.0 240.0.0.0 192.168.40.128 192.168.40.128 20
255.255.255.255 255.255.255.255 192.168.40.128 192.168.40.128 1
Default Gateway: 192.168.40.1
===========================================================================
Persistent Routes:
None

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 2nd December 2011, 2:16 pm


========================= Event log errors: ===============================

Application errors:
==================
Error: (11/30/2011 01:11:42 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist.

Error: (11/30/2011 01:11:42 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: with error: The server name or address could not be resolved

Error: (11/30/2011 01:10:40 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/30/2011 00:57:49 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/29/2011 01:42:23 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/29/2011 01:33:17 PM) (Source: Windows Search Service) (User: )
Description: The entry in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (11/30/2011 02:42:17 PM) (Source: DCOM) (User: bridge)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/30/2011 02:26:37 PM) (Source: DCOM) (User: bridge)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/30/2011 02:25:35 PM) (Source: DCOM) (User: bridge)
Description: DCOM got error "%%1084" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (11/30/2011 01:26:24 PM) (Source: Microsoft Antimalware) (User: )
Description: %Trojan:DOS/Alureon.E60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:DOS/Alureon.E603

Name: Trojan:DOS/Alureon.E

ID: 2147650952

Severity: %Trojan:DOS/Alureon.E600

Category: %Trojan:DOS/Alureon.E602

Path: 3.0.8402.02

Detection Origin: 3.0.8402.04

Detection Type: 3.0.8402.08

Detection Source: %Trojan:DOS/Alureon.E608

User: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}9

Process Name: %Trojan:DOS/Alureon.E609

Action: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}1

Action Status: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}8

Error Code: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}3

Error description: {1F753945-F1F5-49E0-9B2F-B629FC26E54C}4

Signature Version: 2011-11-30T18:16:21.390Z1

Engine Version: 2011-11-30T18:16:21.390Z2

Error: (11/30/2011 01:10:40 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.115.2549.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/30/2011 01:10:40 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/30/2011 01:10:40 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/30/2011 01:01:32 PM) (Source: DCOM) (User: bridge)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (11/30/2011 00:58:03 PM) (Source: Microsoft Antimalware) (User: )
Description: %Trojan:DOS/Alureon.E60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:DOS/Alureon.E603

Name: Trojan:DOS/Alureon.E

ID: 2147650952

Severity: %Trojan:DOS/Alureon.E600

Category: %Trojan:DOS/Alureon.E602

Path: 3.0.8402.02

Detection Origin: 3.0.8402.04

Detection Type: 3.0.8402.08

Detection Source: %Trojan:DOS/Alureon.E608

User: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}9

Process Name: %Trojan:DOS/Alureon.E609

Action: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}1

Action Status: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}8

Error Code: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}3

Error description: {44D08B14-2D47-4A83-A9F4-FCF1714FB4EA}4

Signature Version: 2011-11-30T17:47:59.703Z1

Engine Version: 2011-11-30T17:47:59.703Z2

Error: (11/30/2011 00:57:49 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.115.2549.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (11/30/2011 01:11:42 PM) (Source: crypt32)(User: )
Description: [You must be registered and logged in to see this link.] network connection does not exist.

Error: (11/30/2011 01:11:42 PM) (Source: crypt32)(User: )
Description: [You must be registered and logged in to see this link.] server name or address could not be resolved

Error: (11/30/2011 01:10:40 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8007043cbeginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (11/30/2011 00:57:49 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8007043cbeginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (11/29/2011 01:42:23 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\PROCESSLISTRELATED.DB

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\PROCESSLISTRELATED.DB

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\PROCESSLIST.DB

Error: (11/29/2011 01:33:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\PROCESSLIST.DB

Error: (11/29/2011 01:33:17 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BRIDGE\DESKTOP\REGHRBGRS\DETECT.WAV


========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 1982.42 MB
Available physical RAM: 1647.05 MB
Total Pagefile: 2505.46 MB
Available Pagefile: 2327.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.53 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:71.46 GB) (Free:57 GB) NTFS

========================= Users: ========================================

User accounts for \\BYPC3

Administrator bridge Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 2nd December 2011, 6:57 pm

Please delete your current version of ComboFix.

Download ComboFix by sUBs from one of the below links. You must rename it before saving it!

Important! You MUST save ComboFix to your desktop

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Rename ComboFix to Combo-Fix before saving it to the desktop.





Temporarily disable your Anti-virus and any Antispyware real time protection before performing a scan. Click [You must be registered and logged in to see this link.] to see a list of security programs that should be disabled and how to disable them.

Double click on Combo-Fix.exe & follow the prompts.

Vista users Right-Click on Combo-Fix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)

Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

When the scan completes it will open a text window.

Post the contents of that log in your next reply.

Remember to re-enable your Anti-virus and Antispyware protection when ComboFix is complete.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 3rd December 2011, 3:42 pm

superdave i can not get combo fix to work it just hangs, never finishes screen stays blue with blinking underscore What's next?

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 3rd December 2011, 7:27 pm

One more try.

Delete your copy of ComboFix; download a fresh copy, except before you download it, rename it to blackpudding.bat

Navigate to Start --> Run, and enter the following command exactly as shown:

"%userprofile%\desktop\blackpudding.bat" /killall

See if ComboFix will run now.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 3rd December 2011, 9:11 pm

Dave No good it Just "freezes/hangs"

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 4th December 2011, 1:56 am

Ok. Please try to run it in Safe Mode.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 4th December 2011, 7:53 pm

Did Try same Thing Hangs

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 5th December 2011, 2:00 am

Let's see if it will run this one.

Download [You must be registered and logged in to see this link.] to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    nvstor32.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    explorer.exe
    svchost.exe
    userinit.exe
    qmgr.dll
    ws2_32.dll
    proquota.exe
    imm32.dll
    kernel32.dll
    ndis.sys
    autochk.exe
    spoolsv.exe
    xmlprov.dll
    ntmssvc.dll
    mswsock.dll
    Beep.SYS
    ntfs.sys
    termsrv.dll
    sfcfiles.dll
    st3shark.sys
    ahcix86.sys
    srsvc.dll
    nvrd32.sys
    /md5stop
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time



Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 5th December 2011, 1:43 pm

Dave only one log opened


OTL logfile created on: 12/5/2011 8:16:44 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\bridge\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 79.08% Memory free
2.44 Gb Paging File | 2.16 Gb Available in Paging File | 88.38% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 57.34 Gb Free Space | 80.25% Space Free | Partition Type: NTFS
Drive D: | 1.88 Gb Total Space | 1.69 Gb Free Space | 89.97% Space Free | Partition Type: FAT

Computer Name: BYPC3 | User Name: bridge | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/05 08:09:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bridge\Desktop\OTL.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/11/05 10:59:38 | 000,231,704 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/27 17:19:00 | 000,282,624 | -H-- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe


========== Modules (No Company Name) ==========

MOD - [2006/08/23 17:12:38 | 000,196,608 | -H-- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2003/07/29 08:27:40 | 000,078,336 | -H-- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBCPP5C.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Updater Service for StartNow Toolbar)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (Application Updater)
SRV - [2011/06/26 01:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\blackpudding\pev.3XE -- (PEVSystemStart)
SRV - [2008/11/05 10:59:38 | 000,875,288 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2008/11/05 10:59:38 | 000,231,704 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 11:27:04 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\bridge\Desktop\freespywareremoval\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:24 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/11/05 10:59:54 | 000,076,040 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/11/05 10:59:50 | 000,097,928 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2008/11/05 10:59:48 | 000,026,824 | -H-- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2006/07/27 17:24:28 | 001,171,464 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/05/17 14:03:24 | 000,044,544 | RH-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/10/20 10:59:26 | 000,048,640 | -H-- | M] (Ranioshack Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003/11/17 18:59:20 | 000,212,224 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 18:58:02 | 000,680,704 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 18:56:26 | 001,042,432 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.selectedEngine: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {91da5e8a-3318-4f8c-b67e-5964de3ab546}:3.7.0.6
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.265.2
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2011/09/03 16:30:28 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF [2011/09/03 16:30:28 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/11 08:00:41 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/11 08:00:37 | 000,000,000 | -H-D | M]

[2008/10/30 13:09:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\bridge\Application Data\Mozilla\Extensions
[2011/11/21 12:42:33 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\extensions
[2011/04/17 11:13:52 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/21 14:46:25 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/11/27 18:18:05 | 000,001,490 | -H-- | M] () -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\searchplugins\AOL Search.xml
[2011/09/30 14:13:44 | 000,001,945 | -H-- | M] () -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\searchplugins\bing-zugo.xml
[2011/09/27 13:10:50 | 000,000,939 | -H-- | M] () -- C:\Documents and Settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\searchplugins\conduit.xml
[2011/11/11 08:00:41 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BRIDGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NS7V42J8.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2011/11/05 01:53:18 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/01 11:27:14 | 000,411,368 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/11/27 18:18:05 | 000,001,490 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\AOL Search.xml
[2011/11/04 22:21:03 | 000,002,252 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/04 22:21:03 | 000,002,040 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/11/29 08:54:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Bridge Auto Parts Toolbar) - {37d0e5c3-24d6-46bc-86db-72cdb80b13de} - C:\Program Files\Bridge_Auto_Parts\prxtbBrid.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (Bridge Auto Parts Toolbar) - {37d0e5c3-24d6-46bc-86db-72cdb80b13de} - C:\Program Files\Bridge_Auto_Parts\prxtbBrid.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Bridge Auto Parts Toolbar) - {37D0E5C3-24D6-46BC-86DB-72CDB80B13DE} - C:\Program Files\Bridge_Auto_Parts\prxtbBrid.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\bridge\Start Menu\Programs\Startup\autoease.lnk = C:\Program Files\FacetCorp\FacetWin\FacetWin Terminal Configurations\autoease.fwt ()
O4 - Startup: C:\Documents and Settings\bridge\Start Menu\Programs\Startup\OfficePopup.lnk = C:\Program Files\OfficePopup\OfficePopup.exe ()
O4 - Startup: C:\Documents and Settings\bridge\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\bridge\Start Menu\Programs\Startup\QuickButtons General.lnk = C:\Program Files\QuickButtons\QuickButtons.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: Web-Based Email Tools [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASWINLO.DLL) - C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\bridge\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\bridge\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASSEH.DLL (SuperAdBlocker.com)
O32 - Unable to open key or key not present!
O32 - AutoRun File - [2008/10/27 22:55:53 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - C:\blackpudding\pev.3XE ()
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - C:\blackpudding\pev.3XE ()
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\WINDOWS\System32\
[2011/12/03 15:51:34 | 000,000,000 | --SD | C] -- C:\blackpudding
[2011/12/03 15:50:47 | 004,326,308 | R--- | C] (Swearware) -- C:\Documents and Settings\bridge\Desktop\blackpudding.bat
[2011/12/03 10:12:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/30 12:56:20 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\bridge\Desktop\aswMBR.exe
[2011/11/29 10:03:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/11/29 10:03:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/11/28 17:56:09 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/11/28 17:56:09 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/11/28 17:56:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/11/28 17:56:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/11/28 17:56:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/28 17:17:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/28 17:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bridge\Desktop\older
[2011/11/28 17:09:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bridge\Desktop\freespywareremoval
[2011/11/28 11:42:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\bridge\Desktop\OTL.exe
[2011/11/28 11:23:59 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\bridge\Desktop\dds.pif
[2011/11/28 09:50:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/11/28 09:45:32 | 004,617,600 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\bridge\Desktop\SUPERAntiSpyware.exe
[2011/11/28 09:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bridge\Application Data\SUPERAntiSpyware.com
[2011/11/28 09:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/11/28 09:19:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bridge\Desktop\reghrbgrs
[2011/11/28 09:19:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\bridge\Desktop\dds.scr
[2011/11/25 16:57:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\bridge\Recent
[2011/11/25 09:19:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Local Settings\Application Data\PCHealth
[2011/11/25 08:15:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Start Menu\Programs\System Fix
[2011/11/22 09:09:12 | 000,000,000 | -H-D | C] -- C:\Program Files\Conduit
[2011/11/22 09:09:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Local Settings\Application Data\Bridge_Auto_Parts
[2011/11/22 09:08:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Bridge_Auto_Parts
[2011/11/21 13:51:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/11/21 13:51:22 | 000,000,000 | -H-D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/11/21 13:51:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/11/21 13:43:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Desktop\MASTER
[2011/11/21 13:43:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\Desktop\ALL INTERNET PROTECTION
[2011/11/21 13:42:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\My Documents\New Folder
[2011/11/21 12:36:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Internet Logs
[2011/11/21 11:57:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/11/16 10:34:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple Computer
[2011/11/15 13:35:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/11/12 19:36:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\bridge\Local Settings\Application Data\4b14f1b1
[2011/11/06 17:54:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\bridge\My Documents\My Games
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\WINDOWS\System32\
[2011/12/05 08:14:29 | 000,000,882 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc7a2da685e8d4.job
[2011/12/05 08:14:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/05 08:09:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bridge\Desktop\OTL.exe
[2011/12/04 12:04:01 | 000,000,886 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/04 12:02:23 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{79623B3E-72FC-401C-834F-64236350CB33}.job
[2011/12/03 15:15:34 | 004,326,308 | R--- | M] (Swearware) -- C:\Documents and Settings\bridge\Desktop\blackpudding.bat
[2011/12/02 08:49:09 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/30 14:38:00 | 000,381,631 | ---- | M] () -- C:\Documents and Settings\bridge\Desktop\MiniToolBox.exe
[2011/11/30 12:57:45 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\bridge\Desktop\MBR.dat
[2011/11/30 12:51:50 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\bridge\Desktop\aswMBR.exe
[2011/11/29 10:03:58 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/11/29 08:54:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/11/28 18:01:12 | 007,716,864 | ---- | M] () -- C:\Documents and Settings\bridge\Desktop\rc.iso
[2011/11/28 17:26:56 | 000,879,649 | ---- | M] () -- C:\Documents and Settings\bridge\Desktop\SecurityCheck.exe
[2011/11/28 11:13:40 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\bridge\Desktop\dds.pif
[2011/11/28 09:11:38 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\bridge\Desktop\dds.scr
[2011/11/25 09:14:54 | 000,000,849 | -H-- | M] () -- C:\Documents and Settings\bridge\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/11/25 08:15:36 | 000,000,312 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTk
[2011/11/25 08:15:35 | 000,000,216 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTkr
[2011/11/25 08:15:34 | 000,000,831 | -H-- | M] () -- C:\Documents and Settings\bridge\Desktop\System Fix.lnk
[2011/11/25 08:15:26 | 000,000,344 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\eNvA4Ubha3KVTk
[2011/11/25 08:13:26 | 000,081,191 | -H-- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/11/23 19:32:00 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/21 14:52:29 | 000,484,640 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/21 14:52:29 | 000,087,542 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/21 13:41:41 | 000,000,104 | -H-- | M] () -- C:\Documents and Settings\bridge\Desktop\Shortcut to Internet.lnk
[2011/11/21 13:16:49 | 000,000,111 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\sys28076.bin
[2011/11/21 13:14:20 | 000,000,803 | RH-- | M] () -- C:\Documents and Settings\bridge\Desktop\Internet Explorer.lnk
[2011/11/21 13:01:29 | 000,001,393 | -H-- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/21 12:46:41 | 000,000,784 | -H-- | M] () -- C:\Documents and Settings\bridge\My Documents\Malwarebytes' Anti-Malware.lnk
[2011/11/21 12:17:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\2985366603
[2011/11/21 12:02:27 | 000,001,945 | -H-- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/11/21 11:24:56 | 000,000,005 | -H-- | M] () -- C:\Documents and Settings\bridge\hjhjhj.html
[2011/11/20 13:27:44 | 000,000,664 | -H-- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/07 13:04:38 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\bridge\Desktop\SUPERAntiSpyware.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/30 14:42:30 | 000,381,631 | ---- | C] () -- C:\Documents and Settings\bridge\Desktop\MiniToolBox.exe
[2011/11/30 12:57:45 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\bridge\Desktop\MBR.dat
[2011/11/29 10:03:58 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/11/29 10:03:56 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/11/28 18:09:18 | 007,716,864 | ---- | C] () -- C:\Documents and Settings\bridge\Desktop\rc.iso
[2011/11/28 17:56:09 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/11/28 17:56:09 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/11/28 17:56:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/11/28 17:56:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/11/28 17:56:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/28 17:31:43 | 000,879,649 | ---- | C] () -- C:\Documents and Settings\bridge\Desktop\SecurityCheck.exe
[2011/11/25 09:14:53 | 000,000,849 | -H-- | C] () -- C:\Documents and Settings\bridge\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/11/25 08:15:35 | 000,000,312 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTk
[2011/11/25 08:15:35 | 000,000,216 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~eNvA4Ubha3KVTkr
[2011/11/25 08:15:34 | 000,000,831 | -H-- | C] () -- C:\Documents and Settings\bridge\Desktop\System Fix.lnk
[2011/11/25 08:15:26 | 000,000,344 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\eNvA4Ubha3KVTk
[2011/11/21 13:41:41 | 000,000,104 | -H-- | C] () -- C:\Documents and Settings\bridge\Desktop\Shortcut to Internet.lnk
[2011/11/21 13:14:20 | 000,000,803 | RH-- | C] () -- C:\Documents and Settings\bridge\Desktop\Internet Explorer.lnk
[2011/11/21 13:01:27 | 000,001,393 | -H-- | C] () -- C:\WINDOWS\imsins.BAK
[2011/11/21 12:46:41 | 000,000,784 | -H-- | C] () -- C:\Documents and Settings\bridge\My Documents\Malwarebytes' Anti-Malware.lnk
[2011/11/21 12:02:27 | 000,001,945 | -H-- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/11/21 11:24:56 | 000,000,005 | -H-- | C] () -- C:\Documents and Settings\bridge\hjhjhj.html
[2011/11/15 11:59:42 | 000,000,664 | -H-- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/30 13:21:11 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/06/29 11:03:22 | 000,000,341 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2010/06/29 11:02:53 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2010/06/29 11:02:53 | 000,000,373 | -H-- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2008/12/08 14:47:47 | 000,027,019 | -H-- | C] () -- C:\WINDOWS\maxlink.ini
[2008/11/18 10:27:33 | 000,000,776 | -H-- | C] () -- C:\Documents and Settings\bridge\Application Data\wklnhst.dat
[2008/10/30 13:09:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2008/10/28 11:03:14 | 001,617,920 | -H-- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/10/28 11:03:14 | 001,019,904 | -H-- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/10/28 11:03:13 | 001,662,976 | -H-- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/10/28 11:03:13 | 000,466,944 | -H-- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/28 11:03:11 | 001,470,464 | -H-- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/10/28 11:03:11 | 001,339,392 | -H-- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/10/28 11:03:11 | 000,581,632 | -H-- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2008/10/28 11:03:11 | 000,286,720 | -H-- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/10/28 11:03:08 | 000,442,368 | -H-- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/10/28 11:03:08 | 000,425,984 | -H-- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/10/28 11:03:08 | 000,196,608 | -H-- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008/10/27 22:58:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/10/27 22:53:21 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/10/27 14:47:18 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/10/27 14:46:16 | 000,173,872 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 23:59:42 | 000,018,904 | -H-- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 23:59:40 | 000,106,605 | -H-- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 12:51:02 | 000,020,698 | -H-- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 12:48:48 | 000,030,628 | -H-- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 12:48:28 | 000,031,698 | -H-- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/03/22 13:48:43 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 13:48:43 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 05:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,484,640 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,087,542 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/03/04 10:16:34 | 000,110,592 | RH-- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

========== LOP Check ==========

[2010/11/27 18:18:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2011/09/04 09:14:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/09/03 17:20:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/11/21 11:44:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/12/08 14:46:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/08/16 09:27:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/27 18:19:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\acccore
[2011/09/03 16:30:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\AVGTOOLBAR
[2011/09/30 13:21:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\CheckPoint
[2008/11/14 14:21:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/05 12:14:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\Fomine Software
[2011/09/06 14:18:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\GetRightToGo
[2011/10/21 10:03:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\IObit
[2010/10/01 12:31:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\OpenOffice.org
[2008/12/08 15:00:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\ScanSoft
[2008/11/18 10:27:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\Template
[2008/10/30 12:06:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\Windows Desktop Search
[2008/11/05 10:40:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\bridge\Application Data\Windows Search
[2011/12/04 12:02:23 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{79623B3E-72FC-401C-834F-64236350CB33}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< c:\$recycle.bin\*.* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-23 13:13:52


< MD5 for: AGP440.SYS >
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/31 14:11:08 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/31 14:11:08 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/31 14:11:08 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/31 14:11:08 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 05:00:00 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008/04/13 19:12:12 | 000,588,800 | -H-- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008/04/13 19:12:12 | 000,588,800 | -H-- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2004/08/04 05:00:00 | 000,588,800 | -H-- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: BEEP.SYS >
[2004/08/04 05:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004/08/04 05:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | -H-- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | -H-- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | -H-- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | -H-- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: IASTOR.SYS >
[2006/05/11 11:30:52 | 000,247,808 | -H-- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\WINDOWS\dell\iastor\iastor.sys

< MD5 for: IMM32.DLL >
[2008/04/13 19:11:54 | 000,110,080 | -H-- | M] (Microsoft Corporation) MD5=0DA85218E92526972A821587E6A8BF8F -- C:\WINDOWS\ServicePackFiles\i386\imm32.dll
[2008/04/13 19:11:54 | 000,110,080 | -H-- | M] (Microsoft Corporation) MD5=0DA85218E92526972A821587E6A8BF8F -- C:\WINDOWS\system32\imm32.dll
[2004/08/04 05:00:00 | 000,110,080 | -H-- | M] (Microsoft Corporation) MD5=87CA7CE6469577F059297B9D6556D66D -- C:\WINDOWS\$NtServicePackUninstall$\imm32.dll

< MD5 for: KERNEL32.DLL >
[2007/04/16 11:07:27 | 000,986,112 | -H-- | M] (Microsoft Corporation) MD5=09F7CB3687F86EDAA4CA081F7AB66C03 -- C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[2004/08/04 05:00:00 | 000,983,552 | -H-- | M] (Microsoft Corporation) MD5=888190E31455FAD793312F8D087146EB -- C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll
[2007/04/16 10:52:53 | 000,984,576 | -H-- | M] (Microsoft Corporation) MD5=A01F9CA902A88F7CED06884174D6419D -- C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll
[2009/03/21 09:06:58 | 000,989,696 | -H-- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\Documents and Settings\bridge\Local Settings\Temp\kernel32.dll
[2009/03/21 09:06:58 | 000,989,696 | -H-- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\dllcache\kernel32.dll
[2009/03/21 09:06:58 | 000,989,696 | -H-- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\kernel32.dll
[2008/04/13 19:11:56 | 000,989,696 | -H-- | M] (Microsoft Corporation) MD5=C24B983D211C34DA8FCC1AC38477971D -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll
[2008/04/13 19:11:56 | 000,989,696 | -H-- | M] (Microsoft Corporation) MD5=C24B983D211C34DA8FCC1AC38477971D -- C:\WINDOWS\ServicePackFiles\i386\kernel32.dll
[2009/03/21 08:59:23 | 000,991,744 | -H-- | M] (Microsoft Corporation) MD5=DA11D9D6ECBDF0F93436A4B7C13F7BEC -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll

< MD5 for: MSWSOCK.DLL >
[2008/06/20 12:41:10 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 12:36:11 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=1DFCA7713EA5A70D5D93B436AEA0317A -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2004/08/04 05:00:00 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
[2008/06/20 12:46:57 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2008/06/20 12:46:57 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/13 19:12:01 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/04/13 19:12:01 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | -H-- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NDIS.SYS >
[2008/04/13 14:20:37 | 000,182,656 | -H-- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 14:20:37 | 000,182,656 | -H-- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008/04/13 14:20:37 | 000,182,656 | -H-- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/04 05:00:00 | 000,182,912 | -H-- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NTFS.SYS >
[2007/02/09 06:23:36 | 000,574,976 | -H-- | M] (Microsoft Corporation) MD5=05AB81909514BFD69CBB1F2C147CF6B9 -- C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[2007/02/09 06:10:35 | 000,574,464 | -H-- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys
[2008/04/13 14:15:53 | 000,574,976 | -H-- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008/04/13 14:15:53 | 000,574,976 | -H-- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008/04/13 14:15:53 | 000,574,976 | -H-- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
[2004/08/04 05:00:00 | 000,574,592 | -H-- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtUninstallKB930916$\ntfs.sys

< MD5 for: NTMSSVC.DLL >
[2008/04/13 19:12:02 | 000,435,200 | -H-- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll
[2008/04/13 19:12:02 | 000,435,200 | -H-- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\system32\dllcache\ntmssvc.dll
[2008/04/13 19:12:02 | 000,435,200 | -H-- | M] (Microsoft Corporation) MD5=156F64A3345BD23C600655FB4D10BC08 -- C:\WINDOWS\system32\ntmssvc.dll
[2004/08/04 05:00:00 | 000,435,200 | -H-- | M] (Microsoft Corporation) MD5=B62F29C00AC55A761B2E45877D85EA0F -- C:\WINDOWS\$NtServicePackUninstall$\ntmssvc.dll

< MD5 for: NVATABUS.SYS >
[2006/03/16 19:51:32 | 000,099,840 | -H-- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys

< MD5 for: PROQUOTA.EXE >
[2004/08/04 05:00:00 | 000,050,176 | -H-- | M] (Microsoft Corporation) MD5=4D9D45A4370E0C2AD00C362B7118E2A4 -- C:\WINDOWS\$NtServicePackUninstall$\proquota.exe
[2008/04/13 19:12:32 | 000,050,176 | -H-- | M] (Microsoft Corporation) MD5=F6465A2EEF75468988A4FCF124148FA8 -- C:\WINDOWS\ServicePackFiles\i386\proquota.exe
[2008/04/13 19:12:32 | 000,050,176 | -H-- | M] (Microsoft Corporation) MD5=F6465A2EEF75468988A4FCF124148FA8 -- C:\WINDOWS\system32\dllcache\proquota.exe
[2008/04/13 19:12:32 | 000,050,176 | -H-- | M] (Microsoft Corporation) MD5=F6465A2EEF75468988A4FCF124148FA8 -- C:\WINDOWS\system32\proquota.exe

< MD5 for: QMGR.DLL >
[2004/08/04 05:00:00 | 000,382,464 | -H-- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
[2008/04/13 19:12:03 | 000,409,088 | -H-- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
[2008/04/13 19:12:03 | 000,409,088 | -H-- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\bits\qmgr.dll
[2008/04/13 19:12:03 | 000,409,088 | -H-- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\qmgr.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 05:00:00 | 000,180,224 | -H-- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | -H-- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | -H-- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SFCFILES.DLL >
[2004/08/04 05:00:00 | 001,580,544 | -H-- | M] (Microsoft Corporation) MD5=30A609E00BD1D4FFC49D6B5A432BE7F2 -- C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll
[2008/04/13 19:12:05 | 001,614,848 | -H-- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll
[2008/04/13 19:12:05 | 001,614,848 | -H-- | M] (Microsoft Corporation) MD5=9DD07AF82244867CA36681EA2D29CE79 -- C:\WINDOWS\system32\sfcfiles.dll

< MD5 for: SPOOLSV.EXE >
[2010/08/17 08:19:36 | 000,058,880 | -H-- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010/08/17 08:17:06 | 000,058,880 | -H-- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010/08/17 08:17:06 | 000,058,880 | -H-- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2004/08/04 05:00:00 | 000,057,856 | -H-- | M] (Microsoft Corporation) MD5=7435B108B935E42EA92CA94F59C8E717 -- C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
[2005/06/10 19:17:13 | 000,057,856 | -H-- | M] (Microsoft Corporation) MD5=AD3D9D191AEA7B5445FE1D82FFBB4788 -- C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[2008/04/13 19:12:36 | 000,057,856 | -H-- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008/04/13 19:12:36 | 000,057,856 | -H-- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2005/06/10 18:53:32 | 000,057,856 | -H-- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe

< MD5 for: SRSVC.DLL >
[2008/04/13 19:12:07 | 000,171,008 | -H-- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\WINDOWS\ServicePackFiles\i386\srsvc.dll
[2008/04/13 19:12:07 | 000,171,008 | -H-- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\WINDOWS\system32\srsvc.dll
[2004/08/04 05:00:00 | 000,170,496 | -H-- | M] (Microsoft Corporation) MD5=92BDF74F12D6CBEC43C94D4B7F804838 -- C:\WINDOWS\$NtServicePackUninstall$\srsvc.dll

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | -H-- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | -H-- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | -H-- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TERMSRV.DLL >
[2004/08/04 05:00:00 | 000,295,424 | -H-- | M] (Microsoft Corporation) MD5=B60C877D16D9C880B952FDA04ADF16E6 -- C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll
[2008/04/13 19:12:07 | 000,295,424 | -H-- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\ServicePackFiles\i386\termsrv.dll
[2008/04/13 19:12:07 | 000,295,424 | -H-- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\system32\termsrv.dll

< MD5 for: USERINIT.EXE >
[2004/08/04 05:00:00 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | -H-- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | -H-- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WS2_32.DLL >
[2008/04/13 19:12:10 | 000,082,432 | -H-- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008/04/13 19:12:10 | 000,082,432 | -H-- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004/08/04 05:00:00 | 000,082,944 | -H-- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< MD5 for: XMLPROV.DLL >
[2008/04/13 19:12:11 | 000,129,024 | -H-- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll
[2008/04/13 19:12:11 | 000,129,024 | -H-- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\system32\dllcache\xmlprov.dll
[2008/04/13 19:12:11 | 000,129,024 | -H-- | M] (Microsoft Corporation) MD5=295D21F14C335B53CB8154E5B1F892B9 -- C:\WINDOWS\system32\xmlprov.dll
[2004/08/04 05:00:00 | 000,129,536 | -H-- | M] (Microsoft Corporation) MD5=EEF46DAB68229A14DA3D8E73C99E2959 -- C:\WINDOWS\$NtServicePackUninstall$\xmlprov.dll

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 5th December 2011, 8:29 pm

I didn't notice this before but you have three AV programs on your computer. Please make sure that only one is active at any time.
Code:
AVG Free 8.0
AVG 2012
Microsoft Security Essentials

Save these instructions so you can have access to them while in Safe Mode.

Please click [You must be registered and logged in to see this link.] to download AVP Tool by Kaspersky.

  • Save it to your desktop.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the License agreement and click on next.
  • It will, by default, install it to your desktop folder. Click Next.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)

Leave the rest of the settings as they appear as default.
•Then click on Scan at the to right hand Corner.
•It will automatically Neutralize any objects found.
•If some objects are left un-neutralized then click the button that says Neutralize all
•If it says it cannot be neutralized then choose the delete option when prompted.
•After that is done click on the reports button at the bottom and save it to file name it Kas.
•Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 6th December 2011, 3:57 pm

Status: Disinfected (events: 2)
12/5/2011 5:01:44 PM Disinfected Trojan program Trojan.Java.Agent.aw C:\Documents and Settings\bridge\Application Data\Sun\Java\Deployment\cache\6.0\39\f0cf627-4d4353d6 High
12/5/2011 5:01:44 PM Disinfected Trojan program Trojan.Java.Agent.aw C:\Documents and Settings\bridge\Application Data\Sun\Java\Deployment\cache\6.0\39\f0cf627-4d4353d6/photo/Zoom.class High
Status: Deleted (events: 15)
12/5/2011 5:02:01 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\bridge\Application Data\Sun\Java\Deployment\cache\6.0\62\5024297e-1ce32825 High
12/5/2011 5:02:00 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\bridge\Application Data\Sun\Java\Deployment\cache\6.0\62\5024297e-340a640c High
12/5/2011 5:02:01 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\bridge\Application Data\Sun\Java\Deployment\cache\6.0\62\5024297e-3a37770b High
12/5/2011 5:02:14 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\bridge\Application Data\Sun\Java\Deployment\cache\6.0\62\5024297e-478853da High
12/5/2011 5:02:14 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\bridge\Application Data\Sun\Java\Deployment\cache\6.0\62\5024297e-615c8bc2 High
12/5/2011 5:02:13 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\bridge\Application Data\Sun\Java\Deployment\cache\6.0\62\5024297e-66e8ac51 High
12/5/2011 5:41:00 PM Deleted Trojan program Trojan-FakeAV.Win32.PrivacyProtection.p C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP738\A0057179.lnk High
12/5/2011 5:41:01 PM Deleted Trojan program Trojan-FakeAV.Win32.PrivacyProtection.p C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP748\A0067196.lnk High
12/5/2011 5:41:15 PM Deleted Trojan program Trojan-FakeAV.Win32.PrivacyProtection.p C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP749\A0068265.lnk High
12/5/2011 5:41:15 PM Deleted Trojan program Trojan-FakeAV.Win32.PrivacyProtection.p C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP749\A0068269.lnk High
12/5/2011 5:49:14 PM Deleted Trojan program Trojan-FakeAV.Win32.FakeRecovery.ag C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP764\A0072479.exe High
12/5/2011 5:49:18 PM Deleted Trojan program Trojan-FakeAV.Win32.FakeRecovery.ag C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP768\A0074588.exe High
12/5/2011 5:49:15 PM Deleted Trojan program Trojan-FakeAV.Win32.FakeRecovery.ag C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP768\A0074589.exe High
12/5/2011 5:50:56 PM Deleted Trojan program Trojan-FakeAV.Win32.FakeRecovery.ag C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP771\A0084712.exe High
12/5/2011 5:50:56 PM Deleted Trojan program Trojan-FakeAV.Win32.FakeRecovery.ag C:\System Volume Information\_restore{6E11A063-E14D-47A5-8222-91CFCD97CBD6}\RP771\A0084712.exe//PE-Crypt.XorPE High

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 6th December 2011, 4:40 pm

Status: Disinfected (events: 1)
12/6/2011 11:38:09 AM Disinfected Trojan program Rootkit.Boot.SST.b \Device\Harddisk0\DR0 High

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 6th December 2011, 6:07 pm

ComboFix 11-12-03.01 - bridge 12/06/2011 12:31:49.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1982.1651 [GMT -5:00]
Running from: c:\documents and settings\bridge\desktop\blackpudding.bat
Command switches used :: /killall
AV: AVG *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\DFC5A2B2.TMP
c:\documents and settings\bridge\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
c:\documents and settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\searchplugins\bing-zugo.xml
c:\documents and settings\bridge\Desktop\blackpudding.bat
c:\documents and settings\bridge\Desktop\System Fix.lnk
c:\documents and settings\bridge\Start Menu\Programs\System Fix
c:\documents and settings\bridge\Start Menu\Programs\System Fix\System Fix.lnk
c:\documents and settings\bridge\Start Menu\Programs\System Fix\Uninstall System Fix.lnk
c:\documents and settings\bridge\WINDOWS
c:\windows\iun6002.exe
c:\windows\system32\
c:\windows\system32\usmt\migwiz_a.exe
.
c:\windows\system32\drivers\cdrom.sys was missing
Restored copy from - c:\windows\system32\dllcache\cdrom.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_Updater_Service_for_StartNow_Toolbar
-------\Service_Updater Service for StartNow Toolbar
.
.
((((((((((((((((((((((((( Files Created from 2011-11-06 to 2011-12-06 )))))))))))))))))))))))))))))))
.
.
2011-12-06 17:36 . 2008-04-13 16:40 62976 -c--a-w- c:\windows\system32\dllcache\cdrom.sys
2011-12-06 17:36 . 2008-04-13 16:40 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2011-12-05 21:00 . 2011-12-06 03:19 133208 ----a-w- c:\windows\system32\drivers\42227559.sys
2011-11-28 22:17 . 2011-11-28 22:17 -------- d-----w- C:\_OTL
2011-11-28 14:50 . 2011-11-28 14:50 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2011-11-28 14:27 . 2011-11-28 14:27 -------- d-----w- c:\documents and settings\bridge\Application Data\SUPERAntiSpyware.com
2011-11-28 14:27 . 2011-11-28 14:27 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-11-25 14:57 . 2011-11-25 14:57 -------- d--h--w- c:\documents and settings\Administrator
2011-11-25 14:19 . 2011-11-25 14:19 -------- d--h--w- c:\documents and settings\bridge\Local Settings\Application Data\PCHealth
2011-11-22 14:09 . 2011-11-22 14:09 -------- d--h--w- c:\program files\Conduit
2011-11-22 14:09 . 2011-11-22 14:09 -------- d--h--w- c:\documents and settings\bridge\Local Settings\Application Data\Bridge_Auto_Parts
2011-11-22 14:08 . 2011-11-22 14:09 -------- d--h--w- c:\program files\Bridge_Auto_Parts
2011-11-21 18:51 . 2011-11-21 19:56 -------- d--h--w- c:\program files\Spybot - Search & Destroy
2011-11-21 18:51 . 2011-11-21 19:47 -------- d--h--w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-11-21 18:25 . 2011-11-21 18:25 -------- d--h--w- c:\windows\AF499E523F6F420FA4E96341B4246E4B.TMP
2011-11-21 17:36 . 2011-11-21 17:36 -------- d--h--w- c:\windows\Internet Logs
2011-11-21 17:03 . 2010-10-19 20:51 222080 ---h--w- c:\windows\system32\MpSigStub.exe
2011-11-21 16:48 . 2011-11-21 16:48 -------- d--h--w- c:\windows\system32\wbem\Repository
2011-11-16 15:34 . 2011-11-16 15:34 -------- d--h--w- c:\documents and settings\LocalService\Local Settings\Application Data\Apple Computer
2011-11-13 00:36 . 2011-11-21 21:52 -------- d-sh--w- c:\documents and settings\bridge\Local Settings\Application Data\4b14f1b1
2011-11-11 13:00 . 2011-11-05 06:53 134104 ---ha-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-11-11 13:00 . 2011-11-05 06:53 89048 ---ha-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-11-11 13:00 . 2011-11-05 06:53 801752 ---ha-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-11-11 13:00 . 2011-11-05 06:53 478168 ---ha-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-11-11 13:00 . 2011-11-05 06:53 1989592 ---ha-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-11-11 13:00 . 2011-11-05 06:53 15832 ---ha-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-11-11 13:00 . 2011-11-05 03:21 2106216 ---ha-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-11-11 13:00 . 2011-11-05 03:21 1998168 ---ha-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:22 . 2008-10-28 03:53 692736 ---ha-w- c:\windows\system32\inetcomm.dll
2011-09-30 18:21 . 2011-09-30 18:21 0 -c-ha-w- c:\windows\system32\ConduitEngine.tmp
2011-09-28 07:06 . 2004-08-04 10:00 599040 ---ha-w- c:\windows\system32\crypt32.dll
2011-09-26 15:41 . 2008-07-30 00:59 611328 ---ha-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-04 10:00 220160 ---ha-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-04 10:00 20480 ---ha-w- c:\windows\system32\oleaccrc.dll
2011-11-05 06:53 . 2011-11-11 13:00 134104 ---ha-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{37d0e5c3-24d6-46bc-86db-72cdb80b13de}]
2011-05-09 08:49 176936 ---ha-w- c:\program files\Bridge_Auto_Parts\prxtbBrid.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{37d0e5c3-24d6-46bc-86db-72cdb80b13de}"= "c:\program files\Bridge_Auto_Parts\prxtbBrid.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{37d0e5c3-24d6-46bc-86db-72cdb80b13de}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{37D0E5C3-24D6-46BC-86DB-72CDB80B13DE}"= "c:\program files\Bridge_Auto_Parts\prxtbBrid.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{37d0e5c3-24d6-46bc-86db-72cdb80b13de}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-23 7630848]
"nwiz"="nwiz.exe" [2006-08-23 1617920]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 282624]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-23 86016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\bridge\Start Menu\Programs\Startup\
autoease.lnk - c:\program files\FacetCorp\FacetWin\FacetWin Terminal Configurations\autoease.fwt [2008-10-28 1650]
OfficePopup.lnk - c:\program files\OfficePopup\OfficePopup.exe [2010-10-5 671744]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
QuickButtons General.lnk - c:\program files\QuickButtons\QuickButtons.exe [2005-12-13 501912]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\documents and settings\bridge\Desktop\freespywareremoval\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\documents and settings\bridge\Desktop\freespywareremoval\SASWINLO.DLL
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FacetCorp\\FacetWin\\fwagent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\xdeep32_40\\usr\\X11R6\\bin\\xdeep32.exe"=
"c:\\Program Files\\OfficePopup\\OfficePopup.exe"=
.
R0 42227559;42227559;c:\windows\system32\drivers\42227559.sys [12/5/2011 4:00 PM 133208]
R1 SASDIFSV;SASDIFSV;c:\documents and settings\bridge\Desktop\freespywareremoval\sasdifsv.sys [11/28/2011 5:09 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\documents and settings\bridge\Desktop\freespywareremoval\SASKUTIL.SYS [11/28/2011 5:09 PM 67664]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [11/5/2008 10:59 AM 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11/5/2008 10:59 AM 76040]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11/5/2008 10:59 AM 97928]
S2 Application Updater;Application Updater;"c:\program files\Application Updater\ApplicationUpdater.exe" --> c:\program files\Application Updater\ApplicationUpdater.exe [?]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [11/5/2008 10:59 AM 875288]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/6/2010 3:15 PM 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/6/2010 3:15 PM 135664]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2011-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc7a2da685e8d4.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 20:14]
.
2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 20:14]
.
2011-12-05 c:\windows\Tasks\User_Feed_Synchronization-{79623B3E-72FC-401C-834F-64236350CB33}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 08:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
DPF: Web-Based Email Tools - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\bridge\Application Data\Mozilla\Firefox\Profiles\ns7v42j8.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm Security Customized Web Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-Messenger (Yahoo!) - ~c:\program files\Yahoo!\Messenger\YahooMessenger.exe
HKLM-Run-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
AddRemove-QuickButtons_1.0 - c:\windows\iun6002.exe
AddRemove-StartNow Toolbar - c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-12-06 12:51
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(620)
c:\documents and settings\bridge\Desktop\freespywareremoval\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(3864)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\stsystra.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-12-06 12:57:39 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-06 17:57
.
Pre-Run: 61,111,017,472 bytes free
Post-Run: 61,275,541,504 bytes free
.
- - End Of File - - 886415CE89356F7D9166B27E9D34CE92

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 6th December 2011, 8:12 pm

Please go to [You must be registered and logged in to see this link.]
(If more than one file needs scanned they must be done separately and links posted for each one)

* Copy the file path in the below Code box:

Code:
c:\windows\system32\drivers\42227559.sys
 

* At the upload site, click once inside the window next to Browse.
* Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
* Next click Submit file
* Your file will possibly be entered into a queue which normally takes less than a minute to clear.
* This will perform a scan across multiple different virus scanning engines.
* Important: Wait for all of the scanning engines to complete.
* Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.
*******************************************************

  • Download [You must be registered and logged in to see this link.] and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply
Note:It will also create a log in the C:\ directory..

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 6th December 2011, 8:28 pm

computer infected still has no access to the internet Jotti's malware scan
dont work control v dont work

I will do the tdsskiller though

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 6th December 2011, 8:34 pm

15:32:03.0343 0108 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
15:32:03.0343 0108 ============================================================
15:32:03.0343 0108 Current date / time: 2011/12/06 15:32:03.0343
15:32:03.0343 0108 SystemInfo:
15:32:03.0343 0108
15:32:03.0343 0108 OS Version: 5.1.2600 ServicePack: 3.0
15:32:03.0343 0108 Product type: Workstation
15:32:03.0343 0108 ComputerName: BYPC3
15:32:03.0359 0108 UserName: bridge
15:32:03.0359 0108 Windows directory: C:\WINDOWS
15:32:03.0359 0108 System windows directory: C:\WINDOWS
15:32:03.0359 0108 Processor architecture: Intel x86
15:32:03.0359 0108 Number of processors: 1
15:32:03.0359 0108 Page size: 0x1000
15:32:03.0359 0108 Boot type: Normal boot
15:32:03.0359 0108 ============================================================
15:32:04.0500 0108 Initialize success
15:32:13.0125 1996 ============================================================
15:32:13.0125 1996 Scan started
15:32:13.0125 1996 Mode: Manual;
15:32:13.0125 1996 ============================================================
15:32:13.0500 1996 42227559 (186b54479d98e48aee0e9ada4b3c4d31) C:\WINDOWS\system32\DRIVERS\42227559.sys
15:32:13.0515 1996 42227559 - ok
15:32:13.0546 1996 Abiosdsk - ok
15:32:13.0562 1996 abp480n5 - ok
15:32:13.0593 1996 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:32:13.0593 1996 ACPI - ok
15:32:13.0640 1996 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:32:13.0640 1996 ACPIEC - ok
15:32:13.0656 1996 adpu160m - ok
15:32:13.0687 1996 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:32:13.0687 1996 aec - ok
15:32:13.0750 1996 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:32:13.0750 1996 AFD - ok
15:32:13.0765 1996 Aha154x - ok
15:32:13.0781 1996 aic78u2 - ok
15:32:13.0781 1996 aic78xx - ok
15:32:13.0796 1996 AliIde - ok
15:32:13.0812 1996 amsint - ok
15:32:13.0828 1996 asc - ok
15:32:13.0843 1996 asc3350p - ok
15:32:13.0859 1996 asc3550 - ok
15:32:13.0906 1996 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:32:13.0906 1996 AsyncMac - ok
15:32:13.0921 1996 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:32:13.0921 1996 atapi - ok
15:32:13.0937 1996 Atdisk - ok
15:32:13.0953 1996 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:32:13.0953 1996 Atmarpc - ok
15:32:14.0000 1996 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:32:14.0000 1996 audstub - ok
15:32:14.0062 1996 AvgLdx86 (b02fbfa2ff91e8778a08f9a6053ccbe3) C:\WINDOWS\System32\Drivers\avgldx86.sys
15:32:14.0062 1996 AvgLdx86 - ok
15:32:14.0078 1996 AvgMfx86 (37a7618a843bb15b5430103c9945dc4c) C:\WINDOWS\System32\Drivers\avgmfx86.sys
15:32:14.0078 1996 AvgMfx86 - ok
15:32:14.0140 1996 AvgTdiX (c81db4dd6e6e650bf90bda09a00acc94) C:\WINDOWS\System32\Drivers\avgtdix.sys
15:32:14.0140 1996 AvgTdiX - ok
15:32:14.0187 1996 bcm4sbxp (78e7b52da292fa90bad2f887bbf22159) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
15:32:14.0187 1996 bcm4sbxp - ok
15:32:14.0234 1996 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:32:14.0234 1996 Beep - ok
15:32:14.0250 1996 catchme - ok
15:32:14.0296 1996 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:32:14.0296 1996 cbidf2k - ok
15:32:14.0312 1996 cd20xrnt - ok
15:32:14.0343 1996 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:32:14.0343 1996 Cdaudio - ok
15:32:14.0406 1996 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:32:14.0406 1996 Cdfs - ok
15:32:14.0453 1996 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
15:32:14.0453 1996 cercsr6 - ok
15:32:14.0468 1996 Changer - ok
15:32:14.0484 1996 CmdIde - ok
15:32:14.0515 1996 Cpqarray - ok
15:32:14.0515 1996 dac2w2k - ok
15:32:14.0531 1996 dac960nt - ok
15:32:14.0593 1996 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:32:14.0593 1996 Disk - ok
15:32:14.0640 1996 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
15:32:14.0656 1996 dmboot - ok
15:32:14.0687 1996 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
15:32:14.0687 1996 dmio - ok
15:32:14.0718 1996 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:32:14.0718 1996 dmload - ok
15:32:14.0765 1996 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:32:14.0765 1996 DMusic - ok
15:32:14.0781 1996 dpti2o - ok
15:32:14.0812 1996 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:32:14.0812 1996 drmkaud - ok
15:32:14.0828 1996 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:32:14.0843 1996 Fastfat - ok
15:32:14.0859 1996 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:32:14.0859 1996 Fdc - ok
15:32:14.0890 1996 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
15:32:14.0890 1996 Fips - ok
15:32:14.0906 1996 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:32:14.0906 1996 Flpydisk - ok
15:32:14.0937 1996 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:32:14.0937 1996 FltMgr - ok
15:32:14.0953 1996 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:32:14.0953 1996 Fs_Rec - ok
15:32:14.0984 1996 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:32:15.0000 1996 Ftdisk - ok
15:32:15.0015 1996 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:32:15.0015 1996 Gpc - ok
15:32:15.0078 1996 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:32:15.0078 1996 HDAudBus - ok
15:32:15.0093 1996 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:32:15.0093 1996 hidusb - ok
15:32:15.0125 1996 hpn - ok
15:32:15.0171 1996 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
15:32:15.0187 1996 HSFHWBS2 - ok
15:32:15.0250 1996 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
15:32:15.0281 1996 HSF_DP - ok
15:32:15.0343 1996 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:32:15.0343 1996 HTTP - ok
15:32:15.0359 1996 i2omgmt - ok
15:32:15.0375 1996 i2omp - ok
15:32:15.0406 1996 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
15:32:15.0406 1996 i8042prt - ok
15:32:15.0421 1996 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:32:15.0421 1996 Imapi - ok
15:32:15.0453 1996 ini910u - ok
15:32:15.0453 1996 IntelIde - ok
15:32:15.0500 1996 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:32:15.0500 1996 Ip6Fw - ok
15:32:15.0531 1996 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:32:15.0531 1996 IpFilterDriver - ok
15:32:15.0562 1996 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:32:15.0562 1996 IpInIp - ok
15:32:15.0609 1996 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:32:15.0609 1996 IpNat - ok
15:32:15.0625 1996 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:32:15.0625 1996 IPSec - ok
15:32:15.0671 1996 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:32:15.0671 1996 IRENUM - ok
15:32:15.0687 1996 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:32:15.0687 1996 isapnp - ok
15:32:15.0703 1996 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:32:15.0703 1996 Kbdclass - ok
15:32:15.0703 1996 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:32:15.0703 1996 kbdhid - ok
15:32:15.0750 1996 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:32:15.0750 1996 kmixer - ok
15:32:15.0796 1996 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:32:15.0796 1996 KSecDD - ok
15:32:15.0812 1996 lbrtfdc - ok
15:32:15.0843 1996 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:32:15.0843 1996 mdmxsdk - ok
15:32:15.0875 1996 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:32:15.0890 1996 mnmdd - ok
15:32:15.0921 1996 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:32:15.0921 1996 Modem - ok
15:32:15.0953 1996 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
15:32:15.0968 1996 MODEMCSA - ok
15:32:16.0000 1996 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:32:16.0000 1996 Mouclass - ok
15:32:16.0046 1996 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:32:16.0046 1996 mouhid - ok
15:32:16.0062 1996 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:32:16.0062 1996 MountMgr - ok
15:32:16.0078 1996 mraid35x - ok
15:32:16.0093 1996 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:32:16.0093 1996 MRxDAV - ok
15:32:16.0156 1996 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:32:16.0156 1996 MRxSmb - ok
15:32:16.0171 1996 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:32:16.0171 1996 Msfs - ok
15:32:16.0218 1996 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:32:16.0218 1996 MSKSSRV - ok
15:32:16.0234 1996 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:32:16.0234 1996 MSPCLOCK - ok
15:32:16.0250 1996 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:32:16.0250 1996 MSPQM - ok
15:32:16.0281 1996 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:32:16.0281 1996 mssmbios - ok
15:32:16.0328 1996 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:32:16.0328 1996 Mup - ok
15:32:16.0375 1996 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:32:16.0390 1996 NDIS - ok
15:32:16.0437 1996 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:32:16.0437 1996 NdisTapi - ok
15:32:16.0453 1996 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:32:16.0453 1996 Ndisuio - ok
15:32:16.0468 1996 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:32:16.0468 1996 NdisWan - ok
15:32:16.0484 1996 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:32:16.0484 1996 NDProxy - ok
15:32:16.0500 1996 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:32:16.0500 1996 NetBIOS - ok
15:32:16.0515 1996 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:32:16.0515 1996 NetBT - ok
15:32:16.0578 1996 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:32:16.0578 1996 Npfs - ok
15:32:16.0625 1996 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:32:16.0656 1996 Ntfs - ok
15:32:16.0718 1996 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
15:32:16.0718 1996 NuidFltr - ok
15:32:16.0750 1996 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:32:16.0750 1996 Null - ok
15:32:16.0890 1996 nv (15a6306a0b958bf60f09688d0ee70479) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:32:17.0000 1996 nv - ok
15:32:17.0046 1996 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:32:17.0046 1996 NwlnkFlt - ok
15:32:17.0062 1996 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:32:17.0062 1996 NwlnkFwd - ok
15:32:17.0093 1996 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
15:32:17.0093 1996 Parport - ok
15:32:17.0109 1996 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:32:17.0109 1996 PartMgr - ok
15:32:17.0140 1996 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:32:17.0140 1996 ParVdm - ok
15:32:17.0156 1996 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:32:17.0156 1996 PCI - ok
15:32:17.0171 1996 PCIDump - ok
15:32:17.0187 1996 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:32:17.0203 1996 PCIIde - ok
15:32:17.0218 1996 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:32:17.0218 1996 Pcmcia - ok
15:32:17.0234 1996 PDCOMP - ok
15:32:17.0250 1996 PDFRAME - ok
15:32:17.0250 1996 PDRELI - ok
15:32:17.0265 1996 PDRFRAME - ok
15:32:17.0281 1996 perc2 - ok
15:32:17.0296 1996 perc2hib - ok
15:32:17.0343 1996 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:32:17.0343 1996 PptpMiniport - ok
15:32:17.0359 1996 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
15:32:17.0359 1996 Processor - ok
15:32:17.0375 1996 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:32:17.0375 1996 PSched - ok
15:32:17.0390 1996 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:32:17.0390 1996 Ptilink - ok
15:32:17.0406 1996 ql1080 - ok
15:32:17.0421 1996 Ql10wnt - ok
15:32:17.0421 1996 ql12160 - ok
15:32:17.0437 1996 ql1240 - ok
15:32:17.0453 1996 ql1280 - ok
15:32:17.0468 1996 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:32:17.0468 1996 RasAcd - ok
15:32:17.0484 1996 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:32:17.0484 1996 Rasl2tp - ok
15:32:17.0500 1996 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:32:17.0500 1996 RasPppoe - ok
15:32:17.0531 1996 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:32:17.0531 1996 Raspti - ok
15:32:17.0562 1996 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:32:17.0578 1996 Rdbss - ok
15:32:17.0578 1996 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:32:17.0578 1996 RDPCDD - ok
15:32:17.0640 1996 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
15:32:17.0640 1996 RDPWD - ok
15:32:17.0687 1996 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:32:17.0687 1996 redbook - ok
15:32:17.0875 1996 SASDIFSV (39763504067962108505bff25f024345) C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASDIFSV.SYS
15:32:17.0875 1996 SASDIFSV - ok
15:32:17.0890 1996 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Documents and Settings\bridge\Desktop\freespywareremoval\SASKUTIL.SYS
15:32:17.0890 1996 SASKUTIL - ok
15:32:17.0968 1996 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:32:17.0968 1996 Secdrv - ok
15:32:18.0046 1996 Ser2pl (bdee4dcb4790f254528f1fd7bad213b3) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
15:32:18.0046 1996 Ser2pl - ok
15:32:18.0093 1996 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:32:18.0109 1996 Serenum - ok
15:32:18.0140 1996 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
15:32:18.0140 1996 Serial - ok
15:32:18.0187 1996 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:32:18.0187 1996 Sfloppy - ok
15:32:18.0203 1996 Simbad - ok
15:32:18.0218 1996 Sparrow - ok
15:32:18.0234 1996 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:32:18.0234 1996 splitter - ok
15:32:18.0296 1996 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:32:18.0296 1996 sr - ok
15:32:18.0359 1996 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:32:18.0375 1996 Srv - ok
15:32:18.0453 1996 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
15:32:18.0468 1996 STHDA - ok
15:32:18.0484 1996 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:32:18.0484 1996 swenum - ok
15:32:18.0531 1996 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:32:18.0531 1996 swmidi - ok
15:32:18.0562 1996 symc810 - ok
15:32:18.0562 1996 symc8xx - ok
15:32:18.0578 1996 sym_hi - ok
15:32:18.0593 1996 sym_u3 - ok
15:32:18.0609 1996 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:32:18.0609 1996 sysaudio - ok
15:32:18.0671 1996 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:32:18.0671 1996 Tcpip - ok
15:32:18.0718 1996 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:32:18.0718 1996 TDPIPE - ok
15:32:18.0734 1996 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:32:18.0734 1996 TDTCP - ok
15:32:18.0781 1996 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:32:18.0781 1996 TermDD - ok
15:32:18.0796 1996 TosIde - ok
15:32:18.0843 1996 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:32:18.0843 1996 Udfs - ok
15:32:18.0859 1996 ultra - ok
15:32:18.0921 1996 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:32:18.0953 1996 Update - ok
15:32:18.0984 1996 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:32:19.0000 1996 usbccgp - ok
15:32:19.0031 1996 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:32:19.0031 1996 usbehci - ok
15:32:19.0046 1996 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:32:19.0046 1996 usbhub - ok
15:32:19.0093 1996 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:32:19.0093 1996 usbohci - ok
15:32:19.0125 1996 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:32:19.0125 1996 usbprint - ok
15:32:19.0187 1996 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:32:19.0187 1996 usbscan - ok
15:32:19.0250 1996 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:32:19.0250 1996 usbstor - ok
15:32:19.0265 1996 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:32:19.0265 1996 VgaSave - ok
15:32:19.0281 1996 ViaIde - ok
15:32:19.0281 1996 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:32:19.0296 1996 VolSnap - ok
15:32:19.0343 1996 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:32:19.0343 1996 Wanarp - ok
15:32:19.0406 1996 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
15:32:19.0421 1996 Wdf01000 - ok
15:32:19.0421 1996 WDICA - ok
15:32:19.0468 1996 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:32:19.0468 1996 wdmaud - ok
15:32:19.0546 1996 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:32:19.0562 1996 winachsf - ok
15:32:19.0640 1996 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:32:19.0750 1996 \Device\Harddisk0\DR0 - ok
15:32:19.0765 1996 Boot (0x1200) (4c3f6e8e4bdaddebee4e4974504edfe5) \Device\Harddisk0\DR0\Partition0
15:32:19.0765 1996 \Device\Harddisk0\DR0\Partition0 - ok
15:32:19.0765 1996 ============================================================
15:32:19.0765 1996 Scan finished
15:32:19.0765 1996 ============================================================
15:32:19.0781 0240 Detected object count: 0
15:32:19.0781 0240 Actual detected object count: 0

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 7th December 2011, 2:25 am

Sorry. I didn't know that you still couldn't access the net. Are you using a wireless connection? Did you try resetting your modem?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 7th December 2011, 6:09 pm

just tried no good

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 7th December 2011, 7:08 pm

[You must be registered and logged in to see this link.] wrote:just tried no good
Is it wireless or wired?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by dannyr on 7th December 2011, 7:13 pm

wired

dannyr
Novice
Novice

Posts Posts : 39
Joined Joined : 2011-11-25
OS OS : windows xp
Points Points : 18993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: need help with->DOS/ALUREON.E

Post by Superdave on 7th December 2011, 7:48 pm

A device attached to the system is not functioning. (0x8007001f)
This showed up when you ran MiniToolBox. Could you please check your Device Manager to see if there are any yellow question marks there. Yet, it also shows that the signal is getting through.

Download [You must be registered and logged in to see this link.] to fix broken LSP chain for XP (if needed).

  • Double click on WinsockXPFix.
  • Click Fix.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum