Thread: Help!! CPU running slow, yellow triangle w/ exclamation pt and constant pop-ups
View Single Post
Old 05-01-2007, 06:30 PM   #10 (permalink)
angelgirl30
Registered User
 
Join Date: Apr 2007
Posts: 17
OS: windows xp


Re: Help!! CPU running slow, yellow triangle w/ exclamation pt and constant pop-ups
Hi again,

I carefully followed all of your instructions. I really appreciate all of your help.
The only step I was unable to follow is that I could not post the Suspicious File Packer CAB archive to the bleepingcomputer.com site because when I clicked on the link, the page came up as 401 error (page not found). Also the Panda scan did not detect any viruses/spyware.

Here are the requested logs:

C:\Combofix.txt Log:

"Carla" - 07-05-01 15:52:09 Service Pack 2
ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\Carla\Desktop\"
Command switches used :: "/v pmkjj ddcyy jwrvpfsk uxeynipk jkhhg user_32 WER8274 MSIXU"


(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\uxeynipk.dll
C:\WINDOWS\system32\jkhhg.dll
C:\WINDOWS\system32\user_32.dll
C:\WINDOWS\system32\WER8274.dll
C:\WINDOWS\system32\MSIXU.dll
C:\WINDOWS\system32\yycdd.bak1
C:\WINDOWS\system32\yycdd.bak2
C:\WINDOWS\system32\yycdd.ini
C:\WINDOWS\system32\kpinyexu.ini
C:\WINDOWS\system32\ghhkj.ini
C:\WINDOWS\system32\ddcyy.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



((((((((((((((((((((((((((((((( Files Created from 2007-04-01 to 2007-05-01 ))))))))))))))))))))))))))))))))))


2007-05-01 15:49 2,232 --a------ C:\WINDOWS\system32\tmp.reg
2007-05-01 15:48 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-05-01 15:48 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-05-01 15:48 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-05-01 15:41 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-28 19:44 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-04-25 15:22 <DIR> d-------- C:\Deckard
2007-04-25 15:02 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-04-24 22:29 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-04-24 21:28 208,998 --a------ C:\WINDOWS\system32\rsnujvrb.exe
2007-04-24 21:28 2,068 --a------ C:\WINDOWS\system32\glcpyjca.exe
2007-04-23 21:28 208,998 --a------ C:\WINDOWS\system32\jbwwgvfq.exe
2007-04-23 21:28 2,068 --a------ C:\WINDOWS\system32\iwkhtqfn.exe
2007-04-23 17:29 45,056 -ra------ C:\WINDOWS\retadpu2000340.exe
2007-04-22 15:13 208,998 --a------ C:\WINDOWS\system32\nfwjbqfj.exe
2007-04-22 15:13 2,068 --a------ C:\WINDOWS\system32\gdgawoss.exe
2007-04-22 15:13 2,068 --a------ C:\WINDOWS\system32\ctgidxii.exe
2007-04-21 15:13 208,998 --a------ C:\WINDOWS\system32\vgqvkxjj.exe
2007-04-21 15:13 2,068 --a------ C:\WINDOWS\system32\jwrvpfsk.exe
2007-04-20 15:24 18,432 --a------ C:\WINDOWS\sysrlb32.exe
2007-04-20 15:13 208,998 --a------ C:\WINDOWS\system32\ceofmyyt.exe
2007-04-20 15:13 2,068 --a------ C:\WINDOWS\system32\mmhgssdc.exe
2007-04-20 15:06 4 --a------ C:\WINDOWS\system32\stfv.bin
2007-04-20 15:06 12 --a------ C:\WINDOWS\system32\sl.bin
2007-04-20 15:05 9,984 --a------ C:\WINDOWS\saiemod.dll
2007-04-20 15:05 9,472 --a------ C:\WINDOWS\salm.exe
2007-04-20 15:05 8,960 --a------ C:\WINDOWS\voiceip.dll
2007-04-20 15:05 31,232 --a------ C:\WINDOWS\180ax.exe
2007-04-20 15:05 25,856 --a------ C:\WINDOWS\vxddsk.exe
2007-04-20 15:05 25,344 --a------ C:\WINDOWS\updatetc.exe
2007-04-20 15:05 24,320 --a------ C:\WINDOWS\bjam.dll
2007-04-20 15:05 23,296 --a------ C:\WINDOWS\7search.dll
2007-04-20 15:05 22,528 --a------ C:\WINDOWS\mspphe.dll
2007-04-20 15:05 22,016 --a------ C:\WINDOWS\flt.dll
2007-04-20 15:05 21,760 --a------ C:\WINDOWS\stcloader.exe
2007-04-20 15:05 21,504 --a------ C:\WINDOWS\system32\msnhlp32.dll
2007-04-20 15:05 20,992 --a------ C:\WINDOWS\satmat.exe
2007-04-20 15:05 19,456 --a------ C:\WINDOWS\system32\wml.exe
2007-04-20 15:05 19,456 --a------ C:\WINDOWS\pbar.dll
2007-04-20 15:05 17,408 --a------ C:\WINDOWS\system32\tmrsrv32.exe
2007-04-20 15:05 17,152 --a------ C:\WINDOWS\swin32.dll
2007-04-20 15:05 16,896 --a------ C:\WINDOWS\wml.exe
2007-04-20 15:05 16,128 --a------ C:\WINDOWS\cdsm32.dll
2007-04-20 15:05 14,848 --a------ C:\WINDOWS\system32\vxddsk.exe
2007-04-20 15:05 14,848 --a------ C:\WINDOWS\SUSP.exe
2007-04-20 15:05 12 --a------ C:\WINDOWS\system32\gtv_sd.bin
2007-04-20 15:05 11,008 --a------ C:\WINDOWS\bokja.exe
2007-04-20 15:04 81,412 --a------ C:\WINDOWS\system32\idleserv.exe
2007-04-12 20:31 1,141 --a------ C:\WINDOWS\checkip.dat


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-30 22:35 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2007-04-24 23:17 -------- d-------- C:\Program Files\msn messenger
2007-04-24 23:12 -------- d-------- C:\Program Files\free sticky notes
2007-04-23 21:26 -------- d-------- C:\Program Files\lx_cats
2007-04-15 12:43 -------- d-------- C:\Program Files\tclockex
2007-03-17 09:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-15 10:08 101438 --a------ C:\WINDOWS\b122.exe
2007-03-08 11:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 11:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 11:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 09:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-05 16:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{125399A6-E13D-42CE-A021-7F9069A79440} c:\windows\fonts\pcreg.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9394EDE7-C8B5-483E-8773-474BF36AF6E4} C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll
{c2dace2d-f27f-4591-97be-10c379cef2e6} C:\WINDOWS\system32\lprcmd.dll [x]
{C3F16958-9601-43E3-AC3C-6E89762079Ec} C:\WINDOWS\system32\lbymhjxa.dll [x]
{D651AFF4-9590-424d-BD1E-8E33E090DFB3} C:\WINDOWS\system32\qbyprbfn.dll [x]
{EEFBE5D6-FEFF-4CB4-AA26-6A464090CB89} C:\WINDOWS\system32\msnhlp32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"LXBSCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\LXBStime.dll,_RunDLLEntry@16"
"Logitech Utility"="Logi_MwX.Exe"
"RoxioDragToDisc"="\"C:\\Program Files\\Roxio\\Easy Media Creator 7\\Drag to Disc\\DrgToDsc.exe\""
"InfoData"="rundll32.exe \"C:\\WINDOWS\\system32\\uxeynipk.dll\",realset"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"DS Clock"="\"C:\\Program Files\\DS Clock\\dsclock.exe\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"ares"="\"C:\\Program Files\\Ares\\bak\\Ares.exe\" -h"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\lprcmd
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pcreg

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AVGASCLN

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-01 1645
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 07-05-01 16:08:04 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 07-05-01 16:08
C:\ComboFix2.txt ... 07-04-28 19:44

------------------------------------------------------------


C:\Rapport.txt log:

SmitFraudFix v2.171

Scan done at 15:49:10.29, 01/05/2007
Run from C:\Documents and Settings\Carla\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ares\bak\Ares.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Corel\Suite8\Programs\DAD8.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Free Sticky Notes\freenote.exe
C:\VSTASCAN\vsaccess.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Samsung ML-2010 Series\CommonSM\ssmsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\susp.exe FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Carla


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Carla\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Carla\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: SiS 900-Based PCI Fast Ethernet Adapter - Packet Scheduler Miniport
DNS Server Search Order: 24.222.0.94
DNS Server Search Order: 24.222.0.95

HKLM\SYSTEM\CCS\Services\Tcpip\..\{9A8263D9-14C4-47C3-85CB-BB6E08033BE1}: DhcpNameServer=85.255.114.27,85.255.112.89
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B62F5280-93C3-49B9-B79E-8533122DAC8C}: DhcpNameServer=85.255.114.27,85.255.112.89
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F191F77D-DE21-46B2-8C44-C9B6A0810F41}: DhcpNameServer=24.222.0.94 24.222.0.95
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9A8263D9-14C4-47C3-85CB-BB6E08033BE1}: DhcpNameServer=85.255.114.27,85.255.112.89
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B62F5280-93C3-49B9-B79E-8533122DAC8C}: DhcpNameServer=85.255.114.27,85.255.112.89
HKLM\SYSTEM\CS2\Services\Tcpip\..\{F191F77D-DE21-46B2-8C44-C9B6A0810F41}: DhcpNameServer=24.222.0.94 24.222.0.95
HKLM\SYSTEM\CS3\Services\Tcpip\..\{F191F77D-DE21-46B2-8C44-C9B6A0810F41}: DhcpNameServer=24.222.0.91 24.222.0.75
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.222.0.94 24.222.0.95
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.222.0.94 24.222.0.95
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=24.222.0.91 24.222.0.75


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End


-------------------------------------------------------------

AVG Scan Report:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:13:30 PM 01/05/2007

+ Scan result:



C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/System32/bbchk.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
C:\WINDOWS\ddfonf.exe -> Adware.BetterInternet : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\lbymhjxa.dll.vir -> Adware.BHO : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448482.dll -> Adware.BHO : Cleaned with backup (quarantined).
C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/System32/exclean.exe -> Adware.Exact : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-515967899-527237240-839522115-1003\Software\Microsoft\Active Setup\Installed Components\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-515967899-527237240-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443016.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443017.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443018.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443019.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443020.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443021.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443022.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443023.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443024.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443025.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443026.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443027.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443028.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443029.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443030.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443031.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443032.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443033.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443034.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443035.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443036.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443037.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443038.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443039.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443040.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443041.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443042.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443043.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443044.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443045.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443046.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443047.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443048.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443049.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443050.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443051.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443052.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443053.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443054.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443055.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443056.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443057.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443058.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443059.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443060.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443061.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443062.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443185.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2059\A1446153.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2069\A1448689.exe -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\tmp8.tmp.exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\tmpF.tmp.exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\rqrsspp.dll.vir -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448488.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\Documents and Settings\Carla\Desktop\requested-files[2007-04-30_21_33].cab/C:\WINDOWS\retadpu2000340.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\updater.exe.vir -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443184.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2059\A1446170.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448469.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2069\A1448668.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\WINDOWS\updater.exe.tmp -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\HIR9HA46\QRhrTRWtr[1].exe -> Downloader.Small.bve : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\1.exe.vir -> Downloader.Small.bve : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\1.exe.vir -> Downloader.Small.bve : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448463.exe -> Downloader.Small.bve : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448464.exe -> Downloader.Small.bve : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\HIR9HA46\3[1].exe -> Downloader.Small.dxm : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\svhost.exe.vir -> Downloader.Small.dxm : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448481.exe -> Downloader.Small.dxm : Cleaned with backup (quarantined).
C:\Program Files\HijackThis\backups\backup-20070501-162047-828.dll -> Downloader.VB.apq : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2069\A1448660.dll -> Downloader.VB.apq : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\user_32.dll.vir -> Downloader.VB.asx : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2069\A1448597.dll -> Downloader.VB.asx : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2069\A1448669.exe -> Downloader.VB.avl : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\Program Files\ipwins\Uninst.exe.vir -> Dropper.DollarR.b : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448477.exe -> Dropper.DollarR.b : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\HIR9HA46\installdrivecleanerstart[1].cab/UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\WINDOWS\Downloaded Program Files\UERS_9999_N91S2507NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup (quarantined).
C:\Documents and Settings\Carla\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-33d0253e-17fea530.zip/Dummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2069\A1448680.exe -> Not-A-Virus.Hoax.Win32.Renos.fn : Cleaned with backup (quarantined).
:mozilla.387:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@oasc04.247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.272:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.276:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.277:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.278:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.279:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.280:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.281:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.282:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.283:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.347:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.365:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.410:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.419:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@buzznet.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.167:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.168:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.169:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@admarketplace[2].txt -> TrackingCookie.Admarketplace : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Cookies\carla@track.adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@track.adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.420:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.421:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.257:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.258:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.259:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.260:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.261:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.179:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@www.belstat[3].txt -> TrackingCookie.Belstat : Cleaned.
:mozilla.358:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.181:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.15:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.16:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.17:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.18:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.19:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.20:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.21:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.303:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.406:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@cz11.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@ads.cnn[1].txt -> TrackingCookie.Cnn : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@counter.cnw[2].txt -> TrackingCookie.Cnw : Cleaned.
:mozilla.445:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Co : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@cnn-cnet.com[2].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.422:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@connextra[1].txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.374:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Cookies\carla@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.548:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.549:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.550:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.551:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.552:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.553:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.856:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@www.dealtime[1].txt -> TrackingCookie.Dealtime : Cleaned.
:mozilla.236:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@www.epilot[1].txt -> TrackingCookie.Epilot : Cleaned.
:mozilla.472:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.495:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.273:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.274:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.275:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.263:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.264:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.265:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.266:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.267:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.452:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.453:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.345:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.102:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.103:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.42:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.43:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.501:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Information : Cleaned.
:mozilla.849:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Information : Cleaned.
:mozilla.460:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Intelli-direct : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.262:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.834:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Cookies\carla@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@navrcholu[2].txt -> TrackingCookie.Navrcholu : Cleaned.
:mozilla.133:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.298:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Cookies\carla@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.330:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@data1.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.34:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.47:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Cookies\carla@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.182:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.183:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.184:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.185:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.496:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.497:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.255:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.256:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@games.real[1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@guide.real[2].txt -> TrackingCookie.Real : Cleaned.
:mozilla.108:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.109:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.110:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.111:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.40:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.41:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.44:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@network.realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.187:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.188:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.189:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.190:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.191:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.192:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.193:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.194:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Cookies\carla@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@stats2.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.225:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.226:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.228:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.229:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.230:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.231:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.232:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.407:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.459:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.461:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.471:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@skype[1].txt -> TrackingCookie.Skype : Cleaned.
:mozilla.333:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.334:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.335:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.336:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.339:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.340:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.341:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.227:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.233:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.234:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Cookies\carla@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@ad.text.tbn[2].txt -> TrackingCookie.Texttbnru : Cleaned.
:mozilla.745:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\31v4001i.default\cookies.txt -> TrackingCookie.Toplist : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\Cookies\carla@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.427:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.408:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.409:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.176:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.180:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.196:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.223:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.10:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.11:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.12:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.13:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.14:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Carla\Cookies\carla@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.235:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.237:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.238:C:\Documents and Settings\Carla\Application Data\Mozilla\Firefox\Profiles\1unqcyev.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443071.dll -> Trojan.Agent.agv : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443072.dll -> Trojan.Agent.agv : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2060\A1446214.dll -> Trojan.Baws.a : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\tmp13.tmp.exe -> Trojan.BHO.g : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\tmp4.tmp.exe -> Trojan.BHO.g : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp13.tmp.dll.vir -> Trojan.BHO.g : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp4.tmp.dll.vir -> Trojan.BHO.g : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448471.dll -> Trojan.BHO.g : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448472.dll -> Trojan.BHO.g : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\tmp11.tmp.exe -> Trojan.BHO.o : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\tmp5.tmp.exe -> Trojan.BHO.o : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\tmpA.tmp.exe -> Trojan.BHO.o : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp11.tmp.dll.vir -> Trojan.BHO.o : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp5.tmp.dll.vir -> Trojan.BHO.o : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448470.dll -> Trojan.BHO.o : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448473.dll -> Trojan.BHO.o : Cleaned with backup (quarantined).
C:\Deckard\System Scanner\20070428184651\backup\DOCUME~1\Carla\LOCALS~1\Temp\temp.frE919\UnInstall.exe -> Trojan.Rond : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\Program Files\Ipwindows\UnInstall.exe.vir -> Trojan.Rond : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443075.exe -> Trojan.Rond : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2059\A1446152.exe -> Trojan.Rond : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2067\A1448476.exe -> Trojan.Rond : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1442980.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1443176.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2056\A1444104.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2057\A1444124.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2057\A1445103.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2058\A1445110.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95884DEE-28B7-4F18-B23B-B2F4EFF098C7}\RP2069\A1448670.exe -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

------------------------------------------------------------------

C:\Deckard\SystemScanner\main.txt:

Deckard's System Scanner v20070423.42
Run by Carla on 2007-05-01 at 21:14:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Carla.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 9:14:14 PM, on 01/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ares\bak\Ares.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Corel\Suite8\Programs\DAD8.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Free Sticky Notes\freenote.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\VSTASCAN\vsaccess.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Carla\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Carla.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PsapiAnalyzer Object - {125399A6-E13D-42CE-A021-7F9069A79440} - c:\windows\fonts\pcreg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LXBSCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\dsclock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\bak\Ares.exe" -h
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Shortcut to Free Sticky Notes.LNK = C:\Program Files\Free Sticky Notes\freenote.exe
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Corel Desktop Application Director 8.LNK = C:\Corel\Suite8\Programs\DAD8.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://angelgirl76.spaces.live.com//...d/MsnPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photolab.ca/Upload/ImageUploader4.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photolab.ca/en/Photo/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {D57262F5-9637-4E67-BC59-88C53EA76FC3} (ULcontrol Control) - https://pix.futureshop.ca/en/ulcontrolxp.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by119fd.bay119.hotmail.msn.co...x/HMAtchmt.ocx
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FC} (PCUploader Class) - http://www.walmartphotocentre.ca/activex/PCAXSetup.cab?
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/a...pv2.0.0.9.cab?
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: pcreg - c:\windows\fonts\pcreg.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbscoms.exe
O23 - Service: ML-2010 Status Monitor Service (SM_ml1600_FUService) - Unknown owner - C:\Program.exe (file missing)


-- Files created between 2007-04-01 and 2007-05-01 -----------------------------

2007-05-01 19:38:23 0 d-------- C:\Program Files\Comodo
2007-05-01 19:33:59 0 d-------- C:\WINDOWS\LastGood
2007-05-01 15:49:37 2232 --a------ C:\WINDOWS\system32\tmp.reg
2007-05-01 15:48:35 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-05-01 15:48:34 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS; ; >
2007-05-01 15:48:34 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility; 2, 0, 0, 0; 2, 0, 0, 0>
2007-05-01 15:41:33 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver; 1.0.0.14; 1.0.0.14>
2007-04-28 19:44:50 49152 --a------ C:\WINDOWS\nircmd.exe <Not Verified; NirSoft; NirCmd; 1.85; 1.85>
2007-04-25 15:02:52 0 d-------- C:\Program Files\SpywareBlaster
2007-04-24 22:29:18 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-04-20 15:05:44 14848 --a------ C:\WINDOWS\system32\vxddsk.exe
2007-04-20 15:05:43 16896 --a------ C:\WINDOWS\wml.exe


-- Find3M Report ---------------------------------------------------------------

2007-05-01 20:44:17 0 d-------- C:\Program Files\MSN Messenger
2007-05-01 20:42:14 0 d-------- C:\Program Files\Free Sticky Notes
2007-05-01 16:05:54 0 d-------- C:\Documents and Settings\Carla\Application Data\Skype
2007-04-30 22:35:18 0 d-------- C:\Program Files\ewido anti-spyware 4.0
2007-04-23 21:26:10 0 d-------- C:\Program Files\Lx_cats
2007-04-15 16:18:56 0 d-------- C:\Program Files\Ares
2007-04-15 12:43:26 0 d-------- C:\Program Files\TClockEx


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{125399A6-E13D-42CE-A021-7F9069A79440} c:\windows\fonts\pcreg.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9394EDE7-C8B5-483E-8773-474BF36AF6E4} C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"LXBSCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\LXBStime.dll,_RunDLLEntry@16"
"Logitech Utility"="Logi_MwX.Exe"
"RoxioDragToDisc"="\"C:\\Program Files\\Roxio\\Easy Media Creator 7\\Drag to Disc\\DrgToDsc.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"COMODO Firewall Pro"="\"C:\\Program Files\\Comodo\\Firewall\\CPF.exe\" /background"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"DS Clock"="\"C:\\Program Files\\DS Clock\\dsclock.exe\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"ares"="\"C:\\Program Files\\Ares\\bak\\Ares.exe\" -h"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pcreg

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm


-- End of Deckard's System Scanner: finished at 2007-05-01 at 21:14:55 ---------
angelgirl30 is offline