DFW:
Everything seems to be running smoother now. Switched to Firefox browser, and seems to work a bit faster in general. Only problem encountered was WinPFind3U didn't ask to reboot, so rebooted manually. Here are new logs.
WinPFind3 logfile created on: 27/11/2007 8:18:55 PM
WinPFind3U by OldTimer - Version 1.0.44 Folder = C:\Users\RHW\Desktop\winPFind\WinPFind3u\
Windows Vista (TM) Home Premium (Version = 6.0.6000)
Internet Explorer (Version = 7.0.6000.16546)
1021.38 Mb Total Physical Memory | 386.96 Mb Available Physical Memory | 37.89% Memory free
2.24 Gb Paging File | 1.39 Gb Available in Paging File | 61.89% Paging File free
Paging file location(s): ?:\pagefile.sys;
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 92.14 Gb Free Space | 61.82% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Computer Name: HALF-FAST
Current User Name: RHW
Logged in as Administrator.
Current Boot Mode: Normal
[Processes - Non-Microsoft Only]
agrsmsvc.exe -> %System32%\agrsmsvc.exe -> Agere Systems [Ver = 1.0.0.4 | Size = 9216 bytes | Modified Date = 29/11/2006 8:55:00 PM | Attr = ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 12:28:18 PM | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 4:25:42 AM | Attr = ]
bttray.exe -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTTray.exe -> Broadcom Corporation. [Ver = 6.0.1.3400 | Size = 719664 bytes | Modified Date = 21/11/2006 5:12:42 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 7:31:10 AM | Attr = ]
ifxpsdsv.exe -> %System32%\IfxPsdSv.exe -> Infineon Technologies AG [Ver = 3.00.1135.00 | Size = 136736 bytes | Modified Date = 13/11/2006 5:11:54 PM | Attr = ]
ifxspmgt.exe -> %System32%\IFXSPMGT.exe -> Infineon Technologies AG [Ver = 3.00.1135.00 | Size = 661024 bytes | Modified Date = 13/11/2006 5:23:38 PM | Attr = ]
ifxtcs.exe -> %System32%\IFXTCS.exe -> Infineon Technologies AG [Ver = 3.00.1137.00 | Size = 824864 bytes | Modified Date = 15/11/2006 2:54:50 AM | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.4.2.4 | Size = 503608 bytes | Modified Date = 14/09/2007 8:59:56 AM | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.4.2.4 | Size = 267064 bytes | Modified Date = 14/09/2007 9:00:06 AM | Attr = ]
ktp.exe -> %ProgramFiles%\Elantech\Ktp.exe -> ELANTECH Devices Corp. [Ver = 5, 0, 3, 13 | Size = 647168 bytes | Modified Date = 14/02/2007 4:11:48 AM | Attr = ]
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc. [Ver = 8,0,237,0 | Size = 582992 bytes | Modified Date = 04/08/2007 1:33:14 AM | Attr = ]
mcmscsvc.exe -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> McAfee, Inc. [Ver = 8,0,238,0 | Size = 749904 bytes | Modified Date = 04/08/2007 6:08:06 AM | Attr = ]
mcnasvc.exe -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 2,0,136,0 | Size = 2376992 bytes | Modified Date = 22/07/2007 7:15:18 PM | Attr = ]
mcproxy.exe -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> McAfee, Inc. [Ver = 2,0,150,0 | Size = 359248 bytes | Modified Date = 15/08/2007 11:36:04 AM | Attr = ]
mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> McAfee, Inc. [Ver = VSCORE.14.0.0.349.x86 | Size = 144704 bytes | Modified Date = 24/07/2007 11:02:14 AM | Attr = ]
mcsysmon.exe -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 12,0,188,0 | Size = 695624 bytes | Modified Date = 25/07/2007 12:41:52 AM | Attr = ]
mpfsrv.exe -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 9.0.136.0 | Size = 856864 bytes | Modified Date = 18/07/2007 2:54:42 PM | Attr = ]
omniserv.exe -> %ProgramFiles%\Softex\OmniPass\OmniServ.exe -> Softex Inc. [Ver = 5.0.0.1 | Size = 36864 bytes | Modified Date = 28/11/2006 5:41:00 PM | Attr = ]
psdrt.exe -> %ProgramFiles%\Infineon\Security Platform Software\PSDrt.exe -> Infineon Technologies AG [Ver = 3.00.1135.00 | Size = 173600 bytes | Modified Date = 13/11/2006 5:19:20 PM | Attr = ]
rthdvcpl.exe -> %SystemRoot%\RtHDVCpl.exe -> Realtek Semiconductor [Ver = 1, 0, 0, 11 | Size = 4186112 bytes | Modified Date = 01/12/2006 4:37:00 PM | Attr = ]
scureapp.exe -> %ProgramFiles%\Softex\OmniPass\scureapp.exe -> [Ver = 5, 0, 0, 1 | Size = 2174976 bytes | Modified Date = 28/11/2006 5:42:52 PM | Attr = ]
siteadv.exe -> %ProgramFiles%\SiteAdvisor\6066\SiteAdv.exe -> McAfee, Inc. [Ver = 2.3.0 | Size = 36904 bytes | Modified Date = 08/02/2007 9:39:34 PM | Attr = ]
sptna.exe -> %ProgramFiles%\Infineon\Security Platform Software\SpTNA.exe -> Infineon Technologies AG [Ver = 3.00.1135.00 | Size = 656928 bytes | Modified Date = 13/11/2006 5:03:32 PM | Attr = ]
vsnp2std.exe -> %SystemRoot%\vsnp2std.exe -> Sonix [Ver = 1, 1, 7, 0 | Size = 675840 bytes | Modified Date = 15/09/2006 4:21:54 PM | Attr = ]
winpfind3u.exe -> %UserDesktop%\winPFind\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.44.0 | Size = 371200 bytes | Modified Date = 21/11/2007 9:19:46 AM | Attr = ]
wireless select switch.exe -> %ProgramFiles%\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe -> [Ver = 1, 0, 0, 4 | Size = 184320 bytes | Modified Date = 20/06/2006 3:12:18 PM | Attr = ]
wmiadap.exe -> -> File not found
[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 10/08/2007 5:47:04 PM | Attr = ]
(AgereModemAudio) Agere Modem Call Progress Audio [Win32_Own | Auto | Running] -> %System32%\agrsmsvc.exe -> Agere Systems [Ver = 1.0.0.4 | Size = 9216 bytes | Modified Date = 29/11/2006 8:55:00 PM | Attr = ]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 12:28:18 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 7:31:10 AM | Attr = ]
(CertPropSvc) Certificate Propagation [Win32_Shared | Unknown | Running] -> -> File not found
(DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Unknown | Running] -> -> File not found
(DPS) Diagnostic Policy Service [Win32_Shared | Unknown | Running] -> -> File not found
(gpsvc) Group Policy Client [Win32_Shared | Unknown | Running] -> -> File not found
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 22/10/2004 6:24:18 AM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(IFXSpMgtSrv) Security Platform Management Service [Win32_Own | Auto | Running] -> %System32%\IFXSPMGT.exe -> Infineon Technologies AG [Ver = 3.00.1135.00 | Size = 661024 bytes | Modified Date = 13/11/2006 5:23:38 PM | Attr = ]
(IFXTCS) Trusted Platform Core Service [Win32_Own | Auto | Running] -> %System32%\IFXTCS.exe -> Infineon Technologies AG [Ver = 3.00.1137.00 | Size = 824864 bytes | Modified Date = 15/11/2006 2:54:50 AM | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.4.2.4 | Size = 503608 bytes | Modified Date = 14/09/2007 8:59:56 AM | Attr = ]
(mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> McAfee, Inc. [Ver = 8,0,238,0 | Size = 749904 bytes | Modified Date = 04/08/2007 6:08:06 AM | Attr = ]
(McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 2,0,136,0 | Size = 2376992 bytes | Modified Date = 22/07/2007 7:15:18 PM | Attr = ]
(McODS) McAfee Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> McAfee, Inc. [Ver = 12,0,172,0 | Size = 378184 bytes | Modified Date = 25/07/2007 2:16:16 AM | Attr = ]
(McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> McAfee, Inc. [Ver = 2,0,150,0 | Size = 359248 bytes | Modified Date = 15/08/2007 11:36:04 AM | Attr = ]
(McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> -> File not found
(McSysmon) McAfee SystemGuards [Win32_Own | On_Demand | Running] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 12,0,188,0 | Size = 695624 bytes | Modified Date = 25/07/2007 12:41:52 AM | Attr = ]
(MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 9.0.136.0 | Size = 856864 bytes | Modified Date = 18/07/2007 2:54:42 PM | Attr = ]
(MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> -> File not found
(NMIndexingService) NMIndexingService [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> File not found
(omniserv) Softex OmniPass Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Softex\OmniPass\OmniServ.exe -> Softex Inc. [Ver = 5.0.0.1 | Size = 36864 bytes | Modified Date = 28/11/2006 5:41:00 PM | Attr = ]
(PersonalSecureDriveService) Personal Secure Drive Service [Win32_Own | Auto | Running] -> %System32%\IfxPsdSv.exe -> Infineon Technologies AG [Ver = 3.00.1135.00 | Size = 136736 bytes | Modified Date = 13/11/2006 5:11:54 PM | Attr = ]
(RpcSs) Remote Procedure Call (RPC) [Win32_Shared | Unknown | Running] -> -> File not found
(SBSDWSCService) SBSD Security Center Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Spybot - Search & Destroy\SDWinSec.exe -> Safer Networking Ltd. [Ver = 1, 0, 0, 8 | Size = 600912 bytes | Modified Date = 31/08/2007 3:46:18 PM | Attr = ]
(SCardSvr) Smart Card [Win32_Shared | Unknown | Stopped] -> -> File not found
(Schedule) Task Scheduler [Win32_Shared | Unknown | Running] -> -> File not found
(SCPolicySvc) Smart Card Removal Policy [Win32_Shared | Unknown | Stopped] -> -> File not found
(TrustedInstaller) Windows Modules Installer [Win32_Own | Unknown | Stopped] -> -> File not found
(WdiServiceHost) Diagnostic Service Host [Win32_Shared | Unknown | Stopped] -> -> File not found
(WdiSystemHost) Diagnostic System Host [Win32_Shared | Unknown | Running] -> -> File not found
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 4:25:42 AM | Attr = ]
CASS -> %ProgramFiles%\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe -> [Ver = 1, 0, 0, 4 | Size = 184320 bytes | Modified Date = 20/06/2006 3:12:18 PM | Attr = ]
IFXSPMGT -> %System32%\IFXSPMGT.exe -> Infineon Technologies AG [Ver = 3.00.1135.00 | Size = 661024 bytes | Modified Date = 13/11/2006 5:23:38 PM | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.4.2.4 | Size = 267064 bytes | Modified Date = 14/09/2007 9:00:06 AM | Attr = ]
KTPWare -> %ProgramFiles%\Elantech\Ktp.exe -> ELANTECH Devices Corp. [Ver = 5, 0, 3, 13 | Size = 647168 bytes | Modified Date = 14/02/2007 4:11:48 AM | Attr = ]
mcagent_exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc. [Ver = 8,0,237,0 | Size = 582992 bytes | Modified Date = 04/08/2007 1:33:14 AM | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 7.15.10.9754 | Size = 7766016 bytes | Modified Date = 19/12/2006 4:38:00 PM | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 7.15.10.9754 | Size = 81920 bytes | Modified Date = 19/12/2006 4:38:00 PM | Attr = ]
NvSvc -> %System32%\nvsvc.dll [RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart] -> NVIDIA Corporation [Ver = 7.15.10.9754 | Size = 90191 bytes | Modified Date = 19/12/2006 4:38:00 PM | Attr = ]
NWEReboot -> -> File not found
OmniPass -> %ProgramFiles%\Softex\OmniPass\scureapp.exe -> [Ver = 5, 0, 0, 1 | Size = 2174976 bytes | Modified Date = 28/11/2006 5:42:52 PM | Attr = ]
RtHDVCpl -> %SystemRoot%\RtHDVCpl.exe -> Realtek Semiconductor [Ver = 1, 0, 0, 11 | Size = 4186112 bytes | Modified Date = 01/12/2006 4:37:00 PM | Attr = ]
SiteAdvisor -> %ProgramFiles%\SiteAdvisor\6066\SiteAdv.exe -> McAfee, Inc. [Ver = 2.3.0 | Size = 36904 bytes | Modified Date = 08/02/2007 9:39:34 PM | Attr = ]
snp2std -> %SystemRoot%\vsnp2std.exe -> Sonix [Ver = 1, 1, 7, 0 | Size = 675840 bytes | Modified Date = 15/09/2006 4:21:54 PM | Attr = ]
Windows Defender -> MSASCui.exe -> File not found
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> File not found
updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe -> Adobe Systems Incorporated [Ver = 3.1.0.10 | Size = 313472 bytes | Modified Date = 30/03/2006 3:45:08 PM | Attr = R ]
< Common Startup > -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup ->
%AllUsersAppData%\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 23/09/2005 9:05:26 PM | Attr = ]
%AllUsersAppData%\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTTray.exe -> Broadcom Corporation. [Ver = 6.0.1.3400 | Size = 719664 bytes | Modified Date = 21/11/2006 5:12:42 PM | Attr = ]
< User Startup > -> C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ->
%UserAppData%\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 16/03/2005 6:16:50 PM | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 7:29:58 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 3 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableInstallerDetection -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableVirtualization -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ValidateAdminCodeSignatures -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\scforceoption -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\FilterAdministratorToken -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_TEXT -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_BITMAP -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_OEMTEXT -> 7 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIB -> 8 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_PALETTE -> 9 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_UNICODETEXT -> 13 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIBV5 -> 17 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
< HOSTS File > (27 bytes) -> C:\Windows\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL ->
http://www.mdg.ca ->
HKLM: Main\\Default_Search_URL ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page ->
http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: CustomizeSearch ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant ->
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\Windows\system32\blank.htm ->
HKCU: Search Page ->
http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKCU: Start Page ->
http://sympatico.my.msn.com/ ->
HKCU: ProxyEnable -> 0 ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 18/12/2006 3:16:42 AM | Attr = ]
{089FD14D-132B-48FC-8861-0048AE113215} [HKLM] -> %ProgramFiles%\SiteAdvisor\6066\SiteAdv.dll [Reg Data - Value does not exist] -> McAfee, Inc. [Ver = 2.4.0 | Size = 1099304 bytes | Modified Date = 30/03/2007 10:41:24 AM | Attr = ]
{2330BF12-9FBF-4EE9-A84E-65107F7B5FF8} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 31/08/2007 3:46:14 PM | Attr = ]
{73E30260-CABD-4260-9133-39B24F34A9B9} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12/07/2007 3:00:36 AM | Attr = ]
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> %ProgramFiles%\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> McAfee, Inc. [Ver = VSCORE.14.0.0.349.x86 | Size = 66880 bytes | Modified Date = 24/07/2007 11:02:40 AM | Attr = ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{0BF43445-2F28-4351-9252-17FE6E806AA0} [HKLM] -> %ProgramFiles%\SiteAdvisor\6066\SiteAdv.dll [McAfee SiteAdvisor] -> McAfee, Inc. [Ver = 2.4.0 | Size = 1099304 bytes | Modified Date = 30/03/2007 10:41:24 AM | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12/07/2007 3:00:36 AM | Attr = ]
{B205A35E-1FC4-4CE3-818B-899DBBB3388C} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found
{CCA281CA-C863-46ef-9331-5C8D4460577F} -> %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm [ButtonText: @btrez.dll,-4015] -> [Ver = | Size = 5601 bytes | Modified Date = 26/10/2006 10:28:50 PM | Attr = ]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [MenuText: Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 31/08/2007 3:46:14 PM | Attr = ]
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> -> File not found
Send image to &Bluetooth Device... -> %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm -> [Ver = | Size = 2773 bytes | Modified Date = 29/08/2006 6:12:28 PM | Attr = ]
Send page to &Bluetooth Device... -> %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm -> [Ver = | Size = 5601 bytes | Modified Date = 26/10/2006 10:28:50 PM | Attr = ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{144AAE16-8B7F-4B11-9A0F-58C20FACFDE4} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) ->
{1AD799CF-CB7E-40D3-A7EC-2362464A8B24} -> () ->
{579BF180-7F95-4B80-A216-3B5BAD8461C8} -> (Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)) ->
{9AB61100-357B-40A8-91C9-0764C63731BE} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
about -> Reg Data - Key not found -> File not found
dvd -> Reg Data - Key not found -> File not found
its -> Reg Data - Key not found -> File not found
mhtml -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
ms-its -> Reg Data - Key not found -> File not found
siteadvisor -> %ProgramFiles%\SiteAdvisor\6066\SiteAdv.dll -> McAfee, Inc. [Ver = 2.4.0 | Size = 1099304 bytes | Modified Date = 30/03/2007 10:41:24 AM | Attr = ]
skype4com -> %CommonProgramFiles%\Skype\Skype4COM.dll -> Skype Technologies [Ver = 1, 0, 27, 2 | Size = 1828176 bytes | Modified Date = 06/08/2007 11:43:20 AM | Attr = R ]
tv -> Reg Data - Key not found -> File not found
vbscript -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{02BCC737-B171-4746-94C9-0D8A0B2C0089} -> Microsoft Office Template and Media Control - CodeBase =
http://office.microsoft.com/templates/ieawsdc.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_02 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{8FD07749-EFFA-48C6-947C-45A8D7BF422F} -> CLVistaGenie Control - CodeBase =
http://www.cyberlink.com/vista/prog/CLVistaGenie.cab ->
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_03 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase =
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_02 - CodeBase =
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase =
http://fpdownload2.macromedia.com/get/s ... wflash.cab ->
[Files/Folders - Created Within 90 days]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 23/11/2007 5:44:42 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1071636480 bytes | Created Date = 01/01/1601 5:00:00 AM | Attr = HS]
ntuser.dat -> %SystemDrive%\ntuser.dat -> [Ver = | Size = 0 bytes | Created Date = 19/11/2007 7:35:35 PM | Attr = ]
ntuser.dat.LOG1 -> %SystemDrive%\ntuser.dat.LOG1 -> [Ver = | Size = 0 bytes | Created Date = 19/11/2007 7:35:35 PM | Attr = H ]
ntuser.dat.LOG2 -> %SystemDrive%\ntuser.dat.LOG2 -> [Ver = | Size = 0 bytes | Created Date = 19/11/2007 7:35:35 PM | Attr = H ]
qoobox -> %SystemDrive%\qoobox -> [Folder | Created Date = 22/11/2007 11:25:57 PM | Attr = ]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 136704 bytes | Created Date = 22/11/2007 11:21:11 PM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 22/11/2007 11:35:55 PM | Attr = ]
NirCmd.exe -> %SystemRoot%\NirCmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 22/11/2007 11:21:12 PM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 26/11/2007 5:28:57 PM | Attr = ]
SA210D6F8.tmp -> %SystemRoot%\SA210D6F8.tmp -> [Ver = | Size = 24 bytes | Created Date = 11/11/2007 8:59:09 AM | Attr = HS]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 95 bytes | Created Date = 18/11/2007 10:18:22 AM | Attr = ]
NETw4c32.dll -> %System32%\NETw4c32.dll -> Intel Corporation [Ver = 11. 1. 0. 0 | Size = 679936 bytes | Created Date = 18/10/2007 4:26:31 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %System32%\NETw4c32.dll:Zone.Identifier ->
NETw4r32.dll -> %System32%\NETw4r32.dll -> Intel Corporation [Ver = 11. 1. 0. 0 | Size = 2756608 bytes | Created Date = 18/10/2007 4:26:31 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %System32%\NETw4r32.dll:Zone.Identifier ->
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 729436 bytes | Created Date = 11/11/2007 9:08:08 AM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Created Date = 22/11/2007 11:21:10 PM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 22/11/2007 11:21:09 PM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 22/11/2007 11:21:09 PM | Attr = ]
VFind.exe -> %System32%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 22/11/2007 11:21:10 PM | Attr = ]
wlan.tmf -> %System32%\wlan.tmf -> [Ver = | Size = 1655289 bytes | Created Date = 14/11/2007 5:49:01 PM | Attr = ]
AnyDVD.sys -> %System32%\drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.1.9.6 | Size = 96832 bytes | Created Date = 07/11/2007 10:26:08 AM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 27/11/2007 7:24:15 PM | Attr = ]
Msft_Kernel_SynTP_01000.Wdf -> %System32%\drivers\Msft_Kernel_SynTP_01000.Wdf -> [Ver = | Size = 0 bytes | Created Date = 25/11/2007 6:57:21 PM | Attr = H ]
NETw4v32.sys -> %System32%\drivers\NETw4v32.sys -> Intel Corporation [Ver = 11.1.0.100 | Size = 2216448 bytes | Created Date = 18/10/2007 4:26:32 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %System32%\drivers\NETw4v32.sys:Zone.Identifier ->
Rtlh86.sys -> %System32%\drivers\Rtlh86.sys -> Realtek Corporation [Ver = 6.198.1003.2007 built by: WinDDK | Size = 99840 bytes | Created Date = 03/10/2007 8:18:12 AM | Attr = ]
hosts.20070913-184002.backup -> %System32%\drivers\etc\hosts.20070913-184002.backup -> [Ver = | Size = 761 bytes | Created Date = 13/09/2007 5:40:02 PM | Attr = ]
hosts.20071030-144155.backup -> %System32%\drivers\etc\hosts.20071030-144155.backup -> [Ver = | Size = 178754 bytes | Created Date = 30/10/2007 1:41:55 PM | Attr = R ]
hosts.20071118-103140.backup -> %System32%\drivers\etc\hosts.20071118-103140.backup -> [Ver = | Size = 206961 bytes | Created Date = 18/11/2007 10:31:40 AM | Attr = R ]
[Files/Folders - Modified Within 90 days]
$Recycle.Bin -> %SystemDrive%\$Recycle.Bin -> [Folder | Modified Date = 01/09/2007 8:40:54 PM | Attr = HS]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 23/11/2007 5:50:02 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1071636480 bytes | Modified Date = 27/11/2007 8:13:30 PM | Attr = HS]
Intel -> %SystemDrive%\Intel -> [Folder | Modified Date = 18/10/2007 4:19:52 PM | Attr = ]
ntuser.dat -> %SystemDrive%\ntuser.dat -> [Ver = | Size = 0 bytes | Modified Date = 19/11/2007 7:35:36 PM | Attr = ]
ntuser.dat.LOG1 -> %SystemDrive%\ntuser.dat.LOG1 -> [Ver = | Size = 0 bytes | Modified Date = 19/11/2007 7:35:36 PM | Attr = H ]
ntuser.dat.LOG2 -> %SystemDrive%\ntuser.dat.LOG2 -> [Ver = | Size = 0 bytes | Modified Date = 19/11/2007 7:35:36 PM | Attr = H ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 27/11/2007 7:24:10 PM | Attr = R ]
ProgramData -> %AllUsersAppData% -> [Folder | Modified Date = 27/11/2007 7:24:12 PM | Attr = H ]
qoobox -> %SystemDrive%\qoobox -> [Folder | Modified Date = 23/11/2007 5:49:46 PM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 27/11/2007 7:17:34 PM | Attr = HS]
Windows -> %SystemRoot% -> [Folder | Modified Date = 27/11/2007 8:17:12 PM | Attr = ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 09/10/2007 5:07:58 PM | Attr = ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 14/11/2007 5:59:48 PM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 67584 bytes | Modified Date = 27/11/2007 8:13:38 PM | Attr = S]
bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [Ver = | Size = 12 bytes | Modified Date = 27/11/2007 7:35:58 PM | Attr = ]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 136704 bytes | Modified Date = 08/11/2007 4:59:02 PM | Attr = ]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 27/11/2007 7:40:40 PM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 18/11/2007 10:59:30 AM | Attr = S]
ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 14/11/2007 5:51:28 PM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 22/11/2007 11:35:56 PM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 27/11/2007 7:42:12 PM | Attr = ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 26/11/2007 5:16:00 PM | Attr = HS]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 14/11/2007 5:59:50 PM | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 27/11/2007 7:40:40 PM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 26/11/2007 5:28:58 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 27/11/2007 8:16:44 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 27/11/2007 8:14:06 PM | Attr = H ]
SA210D6F8.tmp -> %SystemRoot%\SA210D6F8.tmp -> [Ver = | Size = 24 bytes | Modified Date = 11/11/2007 9:06:36 AM | Attr = HS]
System32 -> %System32% -> [Folder | Modified Date = 27/11/2007 7:42:14 PM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 22/11/2007 11:29:20 PM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 27/11/2007 8:18:46 PM | Attr = ]
WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 30/08/2007 7:33:44 PM | Attr = RH ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 95 bytes | Modified Date = 18/11/2007 10:18:24 AM | Attr = ]
winsxs -> %SystemRoot%\winsxs -> [Folder | Modified Date = 14/11/2007 5:55:08 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 27/11/2007 8:13:44 PM | Attr = H ]
User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job -> [Ver = | Size = 414 bytes | Modified Date = 27/11/2007 8:15:40 PM | Attr = H ]
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %System32%\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 4576 bytes | Modified Date = 27/11/2007 8:13:46 PM | Attr = H ]
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %System32%\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 4576 bytes | Modified Date = 27/11/2007 8:13:46 PM | Attr = H ]
catroot -> %System32%\catroot -> [Folder | Modified Date = 25/11/2007 8:21:08 PM | Attr = ]
catroot2 -> %System32%\catroot2 -> [Folder | Modified Date = 27/11/2007 7:38:52 PM | Attr = ]
Config.MPF -> %System32%\Config.MPF -> [Ver = | Size = 15904 bytes | Modified Date = 27/11/2007 8:16:18 PM | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 27/11/2007 7:24:16 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 338688 bytes | Modified Date = 14/11/2007 5:54:02 PM | Attr = ]
migration -> %System32%\migration -> [Folder | Modified Date = 09/10/2007 5:08:00 PM | Attr = ]
NETw4c32.dll -> %System32%\NETw4c32.dll -> Intel Corporation [Ver = 11. 1. 0. 0 | Size = 679936 bytes | Modified Date = 18/10/2007 4:26:32 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %System32%\NETw4c32.dll:Zone.Identifier ->
NETw4r32.dll -> %System32%\NETw4r32.dll -> Intel Corporation [Ver = 11. 1. 0. 0 | Size = 2756608 bytes | Modified Date = 18/10/2007 4:26:32 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %System32%\NETw4r32.dll:Zone.Identifier ->
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 111022 bytes | Modified Date = 27/11/2007 7:42:14 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 630074 bytes | Modified Date = 27/11/2007 7:42:14 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 729436 bytes | Modified Date = 27/11/2007 7:42:12 PM | Attr = ]
Tasks -> %System32%\Tasks -> [Folder | Modified Date = 22/11/2007 11:29:20 PM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 14/11/2007 5:51:32 PM | Attr = ]
wlan.tmf -> %System32%\wlan.tmf -> [Ver = | Size = 1655289 bytes | Modified Date = 14/11/2007 5:49:02 PM | Attr = ]
AnyDVD.sys -> %System32%\drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.1.9.6 | Size = 96832 bytes | Modified Date = 07/11/2007 10:26:10 AM | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 22/11/2007 11:33:40 PM | Attr = ]
Msft_Kernel_SynTP_01000.Wdf -> %System32%\drivers\Msft_Kernel_SynTP_01000.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 25/11/2007 6:57:22 PM | Attr = H ]
NETw4v32.sys -> %System32%\drivers\NETw4v32.sys -> Intel Corporation [Ver = 11.1.0.100 | Size = 2216448 bytes | Modified Date = 18/10/2007 4:26:34 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %System32%\drivers\NETw4v32.sys:Zone.Identifier ->
Rtlh86.sys -> %System32%\drivers\Rtlh86.sys -> Realtek Corporation [Ver = 6.198.1003.2007 built by: WinDDK | Size = 99840 bytes | Modified Date = 03/10/2007 8:18:12 AM | Attr = ]
hosts.20071030-144155.backup -> %System32%\drivers\etc\hosts.20071030-144155.backup -> [Ver = | Size = 178754 bytes | Modified Date = 13/09/2007 5:40:04 PM | Attr = R ]
hosts.20071118-103140.backup -> %System32%\drivers\etc\hosts.20071118-103140.backup -> [Ver = | Size = 206961 bytes | Modified Date = 30/10/2007 1:41:58 PM | Attr = R ]
[File String Scan - Non-Microsoft Only]
@Alternate Data Stream - 26 bytes -> %System32%\NETw4c32.dll:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %System32%\NETw4r32.dll:Zone.Identifier ->
UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 22/07/2007 6:39:28 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %System32%\drivers\NETw4v32.sys:Zone.Identifier ->
abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts.20071030-144155.backup -> [Ver = | Size = 178754 bytes | Modified Date = 13/09/2007 5:40:04 PM | Attr = R ]
abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts.20071118-103140.backup -> [Ver = | Size = 206961 bytes | Modified Date = 30/10/2007 1:41:58 PM | Attr = R ]
< End of report >
WinPFind3U Log:
[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\28e18d91 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{60E2746A-9C2E-45A2-85CE-7E1A8A890961} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60E2746A-9C2E-45A2-85CE-7E1A8A890961} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqnkhf deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vvsqvoej deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvuuurs deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89D7A724-C668-4139-A206-3DED8B6B97E0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB3C35D3-D4C5-4C68-8A14-1A6375E41507} deleted successfully.
DNS NameServer information removed successfully for adapter:
DNS NameServer information removed successfully for adapter:
[Files/Folders - Created Within 90 days]
C:\Windows\SYSTEM32\agjiwcfj.dll moved successfully.
C:\Windows\SYSTEM32\attxunri.ini moved successfully.
C:\Windows\SYSTEM32\attxunri.ini2 moved successfully.
C:\Windows\SYSTEM32\attxunri.tmp moved successfully.
C:\Windows\SYSTEM32\irnuxtta.dll moved successfully.
C:\Windows\SYSTEM32\jfcwijga.ini moved successfully.
C:\Windows\SYSTEM32\mljhgee.dll moved successfully.
C:\Windows\SYSTEM32\povrpgmx.dll moved successfully.
C:\Windows\SYSTEM32\sgiivbdc.ini moved successfully.
C:\Windows\SYSTEM32\ssqnkhf.dll moved successfully.
C:\Windows\SYSTEM32\wvuuurs.dll moved successfully.
C:\Windows\SYSTEM32\xmgprvop.ini moved successfully.
C:\Windows\SYSTEM32\cdbviigs.dll moved successfully.
[Files/Folders - Modified Within 90 days]
File C:\Windows\SYSTEM32\agjiwcfj.dll not found!
File C:\Windows\SYSTEM32\attxunri.ini not found!
File C:\Windows\SYSTEM32\attxunri.ini2 not found!
File C:\Windows\SYSTEM32\attxunri.tmp not found!
File C:\Windows\SYSTEM32\irnuxtta.dll not found!
File C:\Windows\SYSTEM32\jfcwijga.ini not found!
File C:\Windows\SYSTEM32\mljhgee.dll not found!
File C:\Windows\SYSTEM32\sgiivbdc.ini not found!
File C:\Windows\SYSTEM32\ssqnkhf.dll not found!
File C:\Windows\SYSTEM32\wvuuurs.dll not found!
File C:\Windows\SYSTEM32\xmgprvop.ini not found!
< End of log >
Created on 11/27/2007 19:33:17
AVG Anti-Spyware Report:---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 8:11:44 PM 27/11/2007
+ Scan result:
:mozilla.133:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.134:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.135:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.139:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.307:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.387:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.420:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@amazonsearsca.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@brightcove.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@workopolis.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.117:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.405:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.406:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@ads.adengage[2].txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.394:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.65:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.66:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.67:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.68:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.76:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.77:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.88:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.327:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.86:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.395:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.399:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.419:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.453:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@e-2dj6wbkogiczwco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@e-2dj6whlisndpodp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@e-2dj6wjkogmdzcbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@e-2dj6wjlowmajeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.158:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.159:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.204:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.205:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.206:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.266:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.267:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.458:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@ehg-camcorderinfo.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@ehg-techtarget.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.392:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.341:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.439:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.440:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.441:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.442:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.443:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.444:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.445:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.385:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.386:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.256:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.257:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.258:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.259:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.260:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@www.safer-networking[1].txt -> TrackingCookie.Safer-networking : Cleaned.
:mozilla.100:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.94:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.95:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.96:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.97:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.98:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.99:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.57:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.58:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.63:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.78:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.84:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.85:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.326:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.34:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.235:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.236:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.422:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.384:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Users\RHW\AppData\Roaming\Microsoft\Windows\Cookies\rhw@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.89:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.90:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.91:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.113:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.115:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.116:C:\Users\RHW\AppData\Roaming\Mozilla\Firefox\Profiles\cmkidvyd.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end