As requested, here is the rapport text:
SmitFraudFix v2.53
Scan done at 15:52:58.69, Tue 06/06/2006
Run from C:\Documents and Settings\P DiZzLe x19\Desktop\smitfraudfix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\WINDOWS\keyboard??.exe Deleted
C:\WINDOWS\uninstDsk.exe Deleted
C:\WINDOWS\warnhp.html Deleted
C:\WINDOWS\system32\intell321.exe Deleted
C:\Documents and Settings\LocalService\Application Data\AlfaCleaner Deleted
C:\Documents and Settings\P DiZzLe x19\Application Data\AlfaCleaner\ Deleted
C:\Documents and Settings\P DiZzLe x19\Application Data\Skinux\ Deleted
C:\Program Files\AlfaCleaner\ Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
The ewido log:
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 4:37:16 PM, 6/6/2006
+ Report-Checksum: 5BA48069
+ Scan result:
:mozilla.6:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.7:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.8:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.10:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.13:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.14:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.21:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.22:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.23:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.24:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.25:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.26:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.45:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.49:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.92:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.94:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.95:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.96:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.97:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.103:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.104:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.105:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.106:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.107:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.108:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.109:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.110:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.112:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.113:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.114:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.115:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.116:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.117:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.118:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.119:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.122:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.123:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.124:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.126:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.127:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.128:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.130:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.131:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.132:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.133:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.134:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.135:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.136:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.137:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.153:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.181:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.183:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.184:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.185:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.186:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.187:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.188:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.189:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.190:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.209:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.210:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.211:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.213:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.214:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.215:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.216:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.217:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.218:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.219:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.220:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.229:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.230:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.234:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.238:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.239:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.240:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.249:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.250:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.251:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.252:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.253:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.272:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.273:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.274:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.275:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.278:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.279:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.284:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.285:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.286:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.291:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.292:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.293:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.294:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.300:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.301:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.302:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.307:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.321:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.323:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.330:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.331:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.332:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.333:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.335:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.336:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.337:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.338:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.358:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.368:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.369:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.379:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.393:C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\em3792\HbTools.mlpX -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\P DiZzLe x19\rose.out.exe -> Backdoor.Rbot : Cleaned with backup
C:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream : Cleaned with backup
C:\WINDOWS\Temp\Cookies\p dizzle x19@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\WINDOWS\winfix32.exe -> Backdoor.Rbot : Cleaned with backup
::Report End
panda log:
Incident Status Location
Hacktool:rootkit/fu.a Not disinfected hkey_local_machine\system\currentcontrolset\services\msdirectx
Adware:adware/dollarrevenue Not disinfected Windows Registry
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[statse.webtrendslive.com/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.xiti.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.bs.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.atwola.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[as1.falkag.de/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.maxserving.com/]
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.fortunecity.com/]
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Mozilla\Firefox\Profiles\quznjc4p.default\cookies.txt[.entrepreneur.com/]
Adware:Adware/PestTrap Not disinfected C:\Documents and Settings\P DiZzLe x19\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-4732cb06-65b4f86f.zip[web.exe]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@247realmedia[1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@2o7[1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@ads.pointroll[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@advertising[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@as-us.falkag[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@belnk[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@casalemedia[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@doubleclick[1].txt
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@entrepreneur[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@fastclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@hitbox[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@media.fastclick[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@realmedia[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@targetnet[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@tribalfusion[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\P DiZzLe x19\Cookies\p dizzle x19@zedo[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\P DiZzLe x19\Local Settings\Temp\Cookies\p dizzle x19@dist.belnk[2].txt
New HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 9:29:10 PM, on 6/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Wireless-G Portable USB Adapter\WLService.exe
C:\Program Files\Wireless-G Portable USB Adapter\WUSB54GP.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\AIM\aim.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\P DiZzLe x19\Desktop\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {6ED948C2-486B-4FBC-997A-D649D6D8FEBB} - C:\WINDOWS\system32\pmkhf.dll (file missing)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1135479603\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\PDIZZL~1\LOCALS~1\Temp\2006531103327_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [firewall32] C:\WINDOWS\firewall32.exe
O4 - HKLM\..\RunServices: [firewall32] C:\WINDOWS\firewall32.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [freestyle] rBot.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [firewall32] C:\WINDOWS\firewall32.exe
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://miniclip.com/supergerball/miniclipGameLoader.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Seekmo/ ... 54b810aed3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: WUSB54GPSVC - Unknown owner - C:\Program Files\Wireless-G Portable USB Adapter\WLService.exe" "WUSB54GP.exe (file missing)