[bloomyisia]

Hey everyone. Just a few minutes ago I was browsing on the internet and was doing a google search. I clicked on one of the links and it ended up opening a page where it was one of those "Your computer is infected, you must scan it now" type of things. It wasn't a popup, it opened in the firefox as if it were loading an actual website. And it also didn't prompt to download any software. It looked exactly the window when you click My Computer.

In 10 min my firefox closed all the tabs and another prompt "Your computer is infected.." blah blah blah came up. It does that every time I open firefox :( I'm using AOL explorer now

Please help!!!!

[Razer]

Use anything but FireFox atm.

Evil Fantasy should pick up your post and tell you what to do.

Have you run Spyware and Anti-Virus scans? Might pick it up and get rid. Likelihood is, if FireFox is infected, the rest of your PC is too.

[bloomyisia]

Yeah, I'm using AOL explorer and I just the same thing here but Kaspersky blocked the website from loading. It says that I have Trojan.HTML.fraud.l

I haven't run any spyware scans because the programs that I had weren't very useful so I uninstalled them since I'm running low on space.

[Razer]

That was a bad idea. Get SpyBot S&D and run that, don't use the tea-timer that comes with it.

[evilfantasy]

We need the logs from this topic.

- SUPERAntiSpyware
- Malwarebytes
- HijackThis

[bloomyisia]

Sorry this took a while. Here are the logs.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/31/2009 at 08:45 PM
Application Version : 4.29.1004
Core Rules Database Version : 4217
Trace Rules Database Version: 2122
Scan type : Quick Scan
Total Scan Time : 01:41:50
Memory items scanned : 571
Memory threats detected : 0
Registry items scanned : 620
Registry threats detected : 6
File items scanned : 33629
File threats detected : 515
Adware.Tracking Cookie
C:\Documents and Settings\Bloomy\Cookies\bloomy@ad.yieldmanager[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@serving-sys[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@trafficmp[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@adtech[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@pointroll[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@cdn.at.atwola[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@insightexpressai[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@server.iad.livepers on[3].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@www.burstnet[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@adserver.adtechus[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@tacoda[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@mediaplex[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@casalemedia[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@atdmt[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@apmebf[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@collective-media[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@advertising[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@content.yieldmanage r[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@ads.lucidmedia[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@server.iad.livepers on[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@specificmedia[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@adlegend[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@ads.bridgetrack[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@fastclick[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@kaspersky.122.2o7[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@adbrite[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@realmedia[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@at.atwola[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@doubleclick[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@oasn04.247realmedia[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@media6degrees[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@burstnet[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@ads.pointroll[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@msnportal.112.2o7[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@bs.serving-sys[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@cdn4.specificclick[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@kontera[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@ar.atwola[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@specificclick[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@statse.webtrendsliv e[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@questionmarket[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@247realmedia[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@zedo[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@www.burstbeacon[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@ads.achildgrowsinbr ooklyn[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@network.realmedia[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@yieldmanager[1].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@atwola[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@lucidmedia[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@tribalfusion[2].txt
C:\Documents and Settings\Bloomy\Cookies\bloomy@burstbeacon[2].txt
.mediaplex.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.doubleclick.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.admarketplace.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.admarketplace.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.admarketplace.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.edge.ru4.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.edge.ru4.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.atdmt.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjlyqndzido.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wgkikjd5klo.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.ads.addynamix.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjkykpazsdo.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjny-1mcjag.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.atwola.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.2o7.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.2o7.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.revsci.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.revsci.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.bizrate.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.bizrate.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.bizrate.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.bizrate.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.saksfifthavenue.122.2o7.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjnysidzwgo.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjliuidpchq.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wflokhd5ibo.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjnyalcpohp.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjkospcpilp.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjloekcpedo.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wgkislcpohp.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjk4wkczeep.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.nextag.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.nextag.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjliolczcbp.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjkychdjmbp.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wgkywkdjsco.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6whk4und5aep.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
test.coremetrics.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjnycmdjgfo.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6whlyujcjiao.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wflooiajkbp.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjk4wod5eaq.stats.esomniture.com [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.fastclick.net [ C:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
C:\Documents and Settings\Other\Cookies\other@atwola[1].txt
F:\Documents and Settings\Administrator.IRINA\Cookies\administrator @at.atwola[1].txt
F:\Documents and Settings\Administrator.IRINA\Cookies\administrator @cdn.at.atwola[1].txt
F:\Documents and Settings\Administrator.IRINA\Cookies\administrator @revsci[2].txt
F:\Documents and Settings\Administrator.IRINA\Cookies\administrator @atwola[1].txt
F:\Documents and Settings\Administrator.IRINA\Cookies\administrator @msnportal.112.2o7[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.tripod.lycos[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ientry[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.love-teens[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@images.crossmediase rvices[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@clicktrack.wnu[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.discount-halloween-costumes[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@discountcruises.cru isemagic[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@banners.nbcupromote s[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.lasvegas[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ui.zanox-affiliate[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.clickmanage[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@cnstats[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.tns-counter[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.ussearch[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@trafficounter[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@adrevolver[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@link.vericlick[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@info.ticketsnow[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@pt.crossmediaservic es[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@it.acronymfinder[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.sexy-cola[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.sexbuddies[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@school.sexzaiki[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.macromedia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.pennyweb[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.mystats[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@dealtime.co[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@find[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@half.advertarium.co m[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@doubleclick[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.harperteen[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@adv.zapal[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.countercentral[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.integraclick[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@sydney.find-hotels[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@eboz[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@isex[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@zedo[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.buddypic[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.lyricfind[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.thegauntlet[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@bs.serving-sys[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@teenagedopeslave[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.castingcouchtee ns[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.aporno[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@counter.lyricsdownl oad[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@track.faqts[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.short-media[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@divavillage.adverts erve[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.sexlibs[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.globalmediapro[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.us.e-planning[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@hit.namimedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@goto.trafficmultipl ier[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@watchclick[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.pornozero[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@windowsmedia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@xtracker[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@gifts-for-teens[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@cj.sexdolls[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@traffic.clearplane[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.coolcounters[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@newaccounts.freeweb s[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@media101.sitebrand[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@starwares[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@teenwriting.about[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@leaderboard.adnet[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@mediabuilder[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@findmidis[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stat.netlogic[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ezz.ezzmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@flashbannernow[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@adcentriconline[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.vnuemedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@banner.cdpoker[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@rotabanner100.utro[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@doctorg.inadult[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stormingmedia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@optimost[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats.manticoretech nology[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.teenstargalleri es[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@xxx.top-ras[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@insightexpressai[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@toplist[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@bestoporn[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@spamblockerutility[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@fasttrack.switechno logies[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.zap2it[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@counter[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@counter[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@countrymusic.about[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.trafficbeamer[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats24[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.bridgetrack[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.peoplefinders[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@media.perfettomedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.sexzaiki[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@azara.freestats[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@webtracking.touchcl arity[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@clickfrom.buy[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@mmail.tripod[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@allsexgirls[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@interclick[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.searchextreme[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.neowin[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats.foresite[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.700x60.adnet[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@adiscountbeauty[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@banners.babes[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.neurox[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.oddcast[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ad2.bb[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www1.sexls[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@media.snapvine[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@extend.dearpornstar s[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@specificclick[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@counter[3].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.vokrug[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads2.blastro[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.contactmusic[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats[4].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ez-tracks[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@cdn.at.atwola[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@webstats.bcd2000[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@easy-hit-counters[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ad.vba[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@server.cpmstar[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ad.yieldmanager[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@icc.intellisrv[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@questionmarket[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ad1.bb[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@hurricanedigitalmed ia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.ecrush[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@atdmt[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@overture.ticketsolu tions[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@nandomedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@xxx-files[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tracker.com[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@us.bestwebdiscounts[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@zweigmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.singingfool[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@einmedia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@centralmediaserver[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@teenpeople[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@rotabanner.dni[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.jointheporn[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@rapidresponse.direc ttrack[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tracking.3gnet[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@msnportal.112.2o7[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@hurricanetracker05[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@elite.super-puper[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@m1.webstats4u[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@caselaw.lp.findlaw[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@burstnet[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@perfettomedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.jackpot[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@hotels.trip-discounts[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ad.ph-prt.tbn[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads3.blastro[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@adbrite[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.teens-max[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.untracked[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@apmebf[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@rotabanner.rian[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@saletrack.co[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.clickheretofind[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@fly-media.adnet[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ad.admarketplace[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@c.clickcashmoney[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@findadoctor.med.nyu[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@r-kimedia.co[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ad.israland[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@kohls70shop.crossme diaservices[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@anad.tacoda[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.rupornopics[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@engine.adnet[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads1.rodale[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tracking.foxnews[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@kanoodle[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.ticketsnow1[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.ticketsnow2[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@mediaplex[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ad.600.tbn[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats01.pointshop[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@atwola[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.eztrackz[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.ezytrack[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.habbogroup[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@counter.fateback[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@clicktracks.webmetr o[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@bannermyspace[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@sweet-time.teen4ever[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@mediatemple[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.ez-tracks[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.countryfordltd[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.sexov[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@100.rbcmedia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.bannerhouse[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ar.atwola[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@experclick[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.einmedia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@media.skyauction[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@a.websponsors[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.ru-xxx[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.essayfinder[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@t1.q-stats[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@mediaonenetwork[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.ruporno[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@media.adrevolver[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tracker.roitesting[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.pointroll[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.ruspornota[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.xxxepcoh[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@seventeen.princeton review[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@reservations.motel-discounts[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@xxx-videosz[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.vnuemedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.100.rbcmedia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@oneclicktocontact[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.teenpeople[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.porn-mobile[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@2o7[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tk.admin-account[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.nowteen[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.s-tracking[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@questionpro[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@deepdiscountdvd[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.op-design[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.first-internet-sex-shop[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.masternewmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@120.rbcmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.adfox[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@masternewmedia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.backcountryoutl et[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ezzmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@affordablebeds.free stats[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.txt.medialand[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@soundclick[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@freebannertrade[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@counter.credo[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@accountonline[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.pornocook[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@furniturefind[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@admarketplace[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats.adbrite[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@scimed.acronymfinde r[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@business.acronymfin der[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www2.inettraffic[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@coursefinder[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.worldemail[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@adopt.euroclick[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.mxcounters[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.click2music.com[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ebay.admarketplace[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@counter.nn[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@mypornovideo[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.furniturefind[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tracking[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@smileycentral[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.120.rbcmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.dressfinder[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.accountonline[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.teenchallenge[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@server.iad.livepers on[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@server.iad.livepers on[3].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@clicktwentysix[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.mobiledia[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@imp.partner2profit[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@homeclick[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www100.homeclick[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tracking[4].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats.georgianjewel ry[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.backcountrystor e[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@234.rbcmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@discountdance[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@find.person.superpa ges[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.234.rbcmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@client.roiadtracker[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@certified-safe-downloads[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@slang.acronymfinder[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats.liutilities[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.glispa[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@serving-sys[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.pornogid[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.discountdance[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@rotabanner468.utro[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@findlaw[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@acvs.mediaonenetwor k[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@account[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@006.free-counter.co[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@beauty-porn[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@at.atwola[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@excellent-porno[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@hmt.connexpromotion s[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats.espinthebottl e[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@banners[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@thebest.porneed[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@count.webtrackingse rvices[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@stats1.webmetrics[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.electrodiscount s[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.ticketsnow[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@find.intelius[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@trafficmp[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@150.rbcmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.counters[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.turbofind[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@acronymfinder[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@vhost.oddcast[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@count[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@xxx.ruporn[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@v7.stats.load[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@comparediscounthote ls[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@hotels-and-discounts[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@clickthrutracking[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@dynamic.media.adrev olver[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@country.mididb[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.countrysongtitl es[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@txt.advertarium.com[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.teensporn[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@local.medialand[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@aspencountry[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@onetruemedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.discountcardiol ogy[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.150.rbcmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@lawyers.findlaw[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.005.free-counter.co[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@sdc.rbistats[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.linkfinding[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@468.rbcmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@coolsavings[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.bigfoot[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.azoogleads[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@discounthotels[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.468.rbcmedia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.trackingroi[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@discount.cruisenetw ork[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@rotabanner.kleo[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tns-counter[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@rotabanner.utro[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@revsci[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.mindviz[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@nytix.freestats[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.backcountry[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tracking.sms[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@rotabanner.izvestia[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@www.findarticles[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@advertising[1].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@tacoda[2].txt
F:\Documents and Settings\Bloomy\Cookies\bloomy@ads.habbohotel[1].txt
.mediaplex.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.doubleclick.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.adopt.specificclick.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.admarketplace.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.admarketplace.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.admarketplace.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.edge.ru4.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.edge.ru4.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.atdmt.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjlyqndzido.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wgkikjd5klo.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.ads.addynamix.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjkykpazsdo.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjny-1mcjag.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
server.iad.liveperson.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.atwola.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.2o7.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.2o7.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.revsci.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.revsci.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.bizrate.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.bizrate.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.bizrate.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.bizrate.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.saksfifthavenue.122.2o7.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjnysidzwgo.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjliuidpchq.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wflokhd5ibo.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjnyalcpohp.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjkospcpilp.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjloekcpedo.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wgkislcpohp.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjk4wkczeep.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.nextag.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.nextag.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjliolczcbp.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjkychdjmbp.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wgkywkdjsco.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6whk4und5aep.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
test.coremetrics.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjnycmdjgfo.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6whlyujcjiao.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wflooiajkbp.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.e-2dj6wjk4wod5eaq.stats.esomniture.com [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
.fastclick.net [ F:\Documents and Settings\Other\Application Data\Mozilla\Firefox\Profiles\p06kj3rx.default\coo kies.txt ]
F:\Documents and Settings\Other\Cookies\other@atwola[1].txt
Browser Hijacker.Tubby
HKCR\CLSID\{CF021F40-3E14-23A5-CBA2-717177651316}
HKCR\CLSID\{CF021F40-3E14-23A5-CBA2-717177651316}\InprocServer32
HKCR\CLSID\{CF021F40-3E14-23A5-CBA2-717177651316}\InprocServer32#ThreadingModel
HKCR\CLSID\{CF021F40-3E14-23A5-CBA2-717177651316}\ProgID
HKCR\CLSID\{CF021F40-3E14-23A5-CBA2-717177651316}\Programmable
HKCR\CLSID\{CF021F40-3E14-23A5-CBA2-717177651316}\VersionIndependentProgID

- - - - - - - - -

Malwarebytes' Anti-Malware 1.41
Database version: 3078
Windows 5.1.2600 Service Pack 3
11/1/2009 11:59:19 AM
mbam-log-2009-11-01 (11-59-19).txt
Scan type: Quick Scan
Objects scanned: 131244
Time elapsed: 25 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\yingsoft (Malware.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

[bloomyisia]

Logfile of HijackThis v1.99.1
Scan saved at 12:01:28 PM, on 11/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Logitech1\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\AOL\1135956007\ee\aolsoftware.exe
c:\program files\common files\aol\1135956007\ee\aexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO:
- {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files\oovootb\dtx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ooVoo Toolbar - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files\oovootb\dtx.dll
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Program Files\Samsung\Samsung CLP-310 Series\Install\Application\SPANEL\PanelMgr\SSMMgr. exe /autorun
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\IEXPLORE.EXE http://www.symantec.com/techsupp/ser...00049.000000b9
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/game...ts/y/xt0_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {5763F8E8-0DD7-4A0F-ADB0-9F64C8F2C349} (Pixami/Snapfish Upload UI Control) - http://www.snapfish.com/SnapfishUploader.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resourc...scbase3401.cab
O16 - DPF: {5F8A33E7-6A32-4EE0-887A-134C627CB052} (Easy Upload Tool Combo Control) - http://bloomyisia.myphotoalbum.com/EasyUploadTool.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) - http://www.rockefellercenter.com/viewer/wg_webeye.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab32846.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
O18 - Protocol: bw+0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {999930CE-1058-4585-B452-CC302AEE757E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

[evilfantasy]

Download DDS from |HERE| or |HERE| or |HERE| and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.

1) DDS.txt
2) Attach.txt

* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copy and pasting it into the reply.

[bloomyisia]

DDS (Ver_09-09-29.01) - NTFSx86
Run by Bloomy at 12:18:47.76 on Sun 11/01/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.269 [GMT -5:00]
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Logitech1\SetPoint\SetPoint.exe
svchost.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\AOL\1135956007\ee\aolsoftware.exe
c:\program files\common files\aol\1135956007\ee\aexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Bloomy\Desktop\dds.com
============== Pseudo HJT Report ===============
uStart Page = about:blank
uInternet Settings,ProxyOverride = localhost;*.local
mSearchURL = hxxp://ie.search.msn.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ooVoo Toolbar: {a1fb2f9a-d35e-11dd-8935-e46a56d89593} - c:\program files\oovootb\dtx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: ooVoo Toolbar: {a1fb2f9a-d35e-11dd-8935-e46a56d89593} - c:\program files\oovootb\dtx.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRunOnce: [<NO NAME>] c:\program files\internet explorer\IEXPLORE.EXE http://www.symantec.com/techsupp/ser...00049.000000b9
mRun: [Samsung PanelMgr] c:\program files\samsung\samsung clp-310 series\install\application\spanel\panelmgr\SSMMgr. exe /autorun
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\log ite~1.lnk - c:\program files\logitech1\setpoint\SetPoint.exe
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: Yahoo! Bingo - hxxp://download.games.yahoo.com/games/clients/y/xt0_x.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {5763F8E8-0DD7-4A0F-ADB0-9F64C8F2C349} - hxxp://www.snapfish.com/SnapfishUploader.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxps://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab
DPF: {5F8A33E7-6A32-4EE0-887A-134C627CB052} - hxxp://bloomyisia.myphotoalbum.com/EasyUploadTool.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - hxxp://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} - hxxp://www.microsoft.com/security/controls/Sasser/20/SassCln.CAB
DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} - hxxp://www.rockefellercenter.com/viewer/wg_webeye.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-150-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
Notify: klogon - c:\windows\system32\klogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\bloomy\applic~1\mozilla\firefox\profil es\mxm2pcme.default\
FF - prefs.js: browser.search.selectedEngine - Thesaurus - Reference.com
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\quicktime\plugins\npqtplugin8.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: f:\program files\google\picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboo t.sys [2009-5-1 28544]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2008-11-26 213520]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-10-12 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-10-12 74480]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/04/20 20:57:17];f:\program files\cyberlink\powerdvd9\powerdvd9\000.fcl [2009-3-30 87536]
R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-7-29 208616]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepK E.sys [2007-4-30 3712]
R2 PD91Agent;PD91Agent;c:\program files\raxco\perfectdisk2008\PD91Agent.exe [2008-9-9 693512]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-6-15 24652]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-10-12 7408]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\sspo rt.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 brfilt;Brother MFC Filter Driver;c:\windows\system32\drivers\BrFilt.sys [2004-1-3 2944]
S3 BrSerWDM;Brother Serial driver;c:\windows\system32\drivers\BrSerWdm.sys [2004-1-3 60416]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\drivers\BrUsbMdm.sys [2004-1-3 11008]
S3 BrUsbScn;Brother MFC USB Scanner driver;c:\windows\system32\drivers\BrUsbScn.sys [2004-1-3 10368]
S3 Fapieied;Fapieied; [x]
S3 PD91Engine;PD91Engine;c:\program files\raxco\perfectdisk2008\PD91Engine.exe [2008-9-9 906504]
S3 PLUsbbc2;USB 2.0 Networking/Data Transfer Cable;c:\windows\system32\drivers\usbbc2.sys [2007-7-26 8960]
S3 Winacusb;Winacusb;c:\windows\system32\drivers\wina cusb.sys --> c:\windows\system32\drivers\winacusb.sys [?]
S4 AGWinService;AG Windows Service;c:\program files\agi\common\win32\pythonservice.exe [2008-11-26 10240]
=============== Created Last 30 ================
2009-11-01 11:32 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-01 11:32 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-11-01 11:32 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-10-31 17:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-10-31 17:52 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-10-31 17:52 <DIR> --d----- c:\docume~1\bloomy\applic~1\SUPERAntiSpyware.com
2009-10-31 17:12 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
==================== Find3M ====================
2009-11-01 11:20 8,429,600 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-11-01 11:20 1,212,448 a--sh--- c:\windows\system32\drivers\fidbox2.dat
2009-11-01 11:20 67,984 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-11-01 11:20 6,272 a--sh--- c:\windows\system32\drivers\fidbox2.idx
2009-10-14 14:47 108,059 a------- c:\windows\system32\drivers\klin.dat
2009-10-14 14:47 95,259 a------- c:\windows\system32\drivers\klick.dat
2009-09-28 21:36 112,176 a------- c:\docume~1\bloomy\applic~1\GDIPFONTCACHEV1.DAT
2009-09-11 09:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-11 09:18 136,192 -------- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 16:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-09-04 16:03 58,880 -------- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 05:28 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-28 05:28 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-08-27 00:18 634,648 -------- c:\windows\system32\dllcache\iexplore.exe
2009-08-27 00:18 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2009-08-26 03:00 247,326 -------- c:\windows\system32\strmdll.dll
2009-08-26 03:00 247,326 -------- c:\windows\system32\dllcache\strmdll.dll
2009-08-20 14:09 1,193,832 a------- c:\windows\system32\FM20.DLL
2009-08-13 10:16 512,000 -------- c:\windows\system32\dllcache\jscript.dll
2009-08-06 18:24 327,896 a------- c:\windows\system32\dllcache\wucltui.dll
2009-08-06 18:24 209,632 a------- c:\windows\system32\dllcache\wuweb.dll
2009-08-06 18:24 35,552 a------- c:\windows\system32\dllcache\wups.dll
2009-08-06 18:24 53,472 a------- c:\windows\system32\dllcache\wuauclt.exe
2009-08-06 18:24 96,480 a------- c:\windows\system32\dllcache\cdm.dll
2009-08-06 18:23 575,704 a------- c:\windows\system32\dllcache\wuapi.dll
2009-08-06 18:23 1,929,952 a------- c:\windows\system32\dllcache\wuaueng.dll
2009-08-06 18:23 274,288 a------- c:\windows\system32\mucltui.dll
2009-08-06 18:23 215,920 a------- c:\windows\system32\muweb.dll
2009-08-05 04:01 204,800 -------- c:\windows\system32\mswebdvd.dll
2009-08-05 04:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-04 19:44 2,189,184 -------- c:\windows\system32\ntoskrnl.exe
2009-08-04 19:44 2,189,184 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-04 10:13 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-04 09:20 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-04 09:20 2,066,048 -------- c:\windows\system32\ntkrnlpa.exe
2009-08-04 09:20 2,066,048 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-25 20:13 133 a---h--- c:\docume~1\bloomy\applic~1\lakerda1967.sys
2006-03-17 18:52 24,192 a------- c:\documents and settings\bloomy\usbsermptxp.sys
2006-03-17 18:52 22,768 a------- c:\documents and settings\bloomy\usbsermpt.sys
2006-02-05 20:52 12 a------- c:\program files\MOBILE.INI
2004-08-06 18:55 1,986 a------- c:\documents and settings\bloomy\winupdate.dat
2004-01-04 13:41 3,130,328 a------- c:\program files\Install_AIM.exe
2002-04-23 07:39 10,431,072 a------- c:\program files\mp71.exe
2002-04-23 07:35 35,842 a------- c:\program files\microsoft.comwindowswindowsmediadownload.htm l
2002-04-23 07:35 6,552 a------- c:\program files\GoldWave 4.26-sound editor player recorder converterFULL.html
2002-04-23 06:30 644,622 a------- c:\program files\lamewin32.exe
2009-01-12 21:17 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009011220090 113\index.dat
============= FINISH: 12:20:50.87 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-09-29.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 1/3/2004 4:40:17 PM
System Uptime: 11/1/2009 12:20:23 PM (0 hours ago)
Motherboard: Dell Computer Corp. | | 0C2425
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | Microprocessor | 2392/533mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 1.858 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 233 GiB total, 206.726 GiB free.
H: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP987: 8/20/2009 1:49:44 PM - Printer Driver Microsoft XPS Document Writer Installed
RP988: 8/15/2009 2:35:10 PM - System Checkpoint
RP989: 8/16/2009 3:00:46 PM - System Checkpoint
RP990: 8/16/2009 8:00:44 PM - Software Distribution Service 3.0
RP991: 8/19/2009 7:00:43 PM - System Checkpoint
RP992: 8/20/2009 7:23:10 PM - System Checkpoint
RP993: 8/21/2009 7:29:18 PM - System Checkpoint
RP994: 8/22/2009 9:00:57 PM - System Checkpoint
RP995: 8/23/2009 9:38:32 PM - System Checkpoint
RP996: 8/25/2009 11:11:21 AM - System Checkpoint
RP997: 8/26/2009 11:38:58 AM - System Checkpoint
RP998: 8/26/2009 2:51:29 PM - Installed Turbo Lister 2
RP999: 8/26/2009 8:00:23 PM - Software Distribution Service 3.0
RP1000: 8/27/2009 8:08:21 PM - System Checkpoint
RP1001: 8/28/2009 9:38:31 PM - System Checkpoint
RP1002: 8/29/2009 10:50:37 PM - System Checkpoint
RP1003: 8/30/2009 10:51:16 PM - System Checkpoint
RP1004: 9/1/2009 1:03:49 PM - System Checkpoint
RP1005: 9/1/2009 8:00:22 PM - Software Distribution Service 3.0
RP1006: 9/2/2009 8:08:53 PM - System Checkpoint
RP1007: 9/3/2009 8:19:24 PM - System Checkpoint
RP1008: 9/7/2009 11:33:09 AM - System Checkpoint
RP1009: 9/8/2009 11:53:57 AM - System Checkpoint
RP1010: 9/9/2009 3:04:00 PM - System Checkpoint
RP1011: 9/9/2009 8:00:34 PM - Software Distribution Service 3.0
RP1012: 9/10/2009 9:44:48 PM - System Checkpoint
RP1013: 9/11/2009 10:48:49 PM - System Checkpoint
RP1014: 9/13/2009 2:23:18 PM - System Checkpoint
RP1015: 9/14/2009 8:26:54 PM - System Checkpoint
RP1016: 9/15/2009 9:53:26 PM - System Checkpoint
RP1017: 9/18/2009 8:19:42 PM - System Checkpoint
RP1018: 9/20/2009 11:57:54 AM - System Checkpoint
RP1019: 9/25/2009 8:58:42 PM - System Checkpoint
RP1020: 9/26/2009 10:01:20 PM - System Checkpoint
RP1021: 9/28/2009 4:23:59 PM - System Checkpoint
RP1022: 10/1/2009 10:30:38 AM - System Checkpoint
RP1023: 10/3/2009 3:32:32 PM - System Checkpoint
RP1024: 10/5/2009 10:17:59 PM - System Checkpoint
RP1025: 10/7/2009 9:52:40 PM - System Checkpoint
RP1026: 10/9/2009 5:17:41 PM - System Checkpoint
RP1027: 10/11/2009 7:00:22 PM - System Checkpoint
RP1028: 10/12/2009 7:12:08 PM - System Checkpoint
RP1029: 10/13/2009 8:01:28 PM - Software Distribution Service 3.0
RP1030: 10/15/2009 10:26:58 AM - System Checkpoint
RP1031: 10/16/2009 3:09:29 PM - System Checkpoint
RP1032: 10/17/2009 3:42:15 PM - System Checkpoint
RP1033: 10/18/2009 10:31:53 PM - System Checkpoint
RP1034: 10/21/2009 9:55:37 PM - System Checkpoint
RP1035: 10/22/2009 8:00:55 PM - Software Distribution Service 3.0
RP1036: 10/23/2009 8:39:09 PM - System Checkpoint
RP1037: 10/24/2009 9:25:04 PM - System Checkpoint
RP1038: 10/25/2009 9:26:53 PM - System Checkpoint
RP1039: 10/28/2009 8:26:44 PM - System Checkpoint
RP1040: 10/29/2009 9:22:49 PM - System Checkpoint
RP1041: 10/31/2009 6:28:37 PM - System Checkpoint
RP1042: 10/31/2009 6:52:04 PM - Installed SUPERAntiSpyware Free Edition
==== Installed Programs ======================
µTorrent
123VideoMagic
ABBYY FineReader 5.0 Sprint
Adobe Acrobat Reader 3.01
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Photoshop CS
Adobe Reader 8.1.4
Adobe Shockwave Player
AIM 6
Alive Zune Video Converter (version 1.2.8.8)
Anvil Studio
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
Avanquest update
Avidemux 2.5
Banctec Service Agreement
BCM V.92 56K Modem
BlackBerry Desktop Software 4.2.2
Bonjour
Broadcom Management Programs
Brother MFL Pro Suite
BS.Player FREE
Compatibility Pack for the 2007 Office system
Cool Edit Pro 2.0
Critical Update for Windows Media Player 11 (KB959772)
CyberLink PowerDVD 9
DA920EN
Dell AIO Printer A920
Dell Digital Jukebox Driver
Dell Media Experience
Dell Networking Guide
Dell Solution Center
Dell Support 5.0.0 (766)
DIGOpt
DIGReqEx
DivX Web Player
Dr Watson for Microsoft Windows OneCare Live v0.9.0929.18
DS21Patch
EPSON CardMonitor
EPSON PhotoStarter3.0
EPSON PictureMate User's Guide
EPSON Printer Software
Film Factory
GMail Drive Shell Extension
Google Talk (remove only)
Google Video Uploader
Help and Support Customization
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
HP LaserJet 1100
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
iPod for Windows 2006-03-23
iPod Updater 2004-11-15
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Photo Album
Java(TM) 6 Update 15
JetLan USB 2.0 Networking - Data Transfer Cable
Kaspersky Internet Security 2009
KhalSetup
KONICA MINOLTA magicolor 2400W
Lernout & Hauspie TruVoice American English TTS Engine
LimeWire PRO 4.13.0
Logitech Desktop Messenger
Logitech Print Service
Logitech QuickCam Software
Logitech SetPoint
Logitech® Camera Driver
Macromedia Dreamweaver 8
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Mall Tycoon 3
Malwarebytes' Anti-Malware
MathPlayer
MediaFACE 4.01
MediaFACE 4.01 Image Library
MFZ0 codec (Remove Only)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Encyclopedia Standard 2004
Microsoft IntelliPoint 5.2
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003
Microsoft Office XP Professional with FrontPage
Microsoft Picture It! Library 9
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# 2.0 Redistributable Package
Microsoft WinUsb 1.0
Modem Helper
Motorola Phone Tools
Motorola USB Drivers
Mozilla Firefox (3.5.4)
MSN
MSN Encarta Plus Support Files
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
NetWaiting
ooVoo
ooVoo Toolbar (Remove Toolbar Only)
Paint Shop Pro 4.15 SE
Panda ActiveScan 2.0
PaperPort 8.0 SE
PerfectDisk 2008 Professional
Picasa 3
PowerDVD
QuickTime
RealPlayer
Roxio Media Manager
Samsung CLP-310 Series
Sapi
ScreenPrint32 v3.5
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Shockwave
Skype™ 3.8
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
TBS WMP Plug-in
Total Video Converter 3.10
Turbo Lister
Turbo Lister 2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
USB Storage Adapter FX (MXO)
Viewpoint Media Player
VTech Phonebook Manager
WebFldrs XP
Webshots Desktop
Winamp (remove only)
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Live installer
Windows Live Safety scanner
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
WinZip
WordPerfect Office 11
Zoran Video Camera Drivers V1.0
==== Event Viewer Messages From Past Week ========
10/29/2009 4:44:49 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service PD91Agent with arguments "-Service" in order to run the server: {145401CE-987A-445F-818A-6690BD9A5CF0}
10/29/2009 4:41:34 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service PD91Engine with arguments "-Service" in order to run the server: {00772927-3E20-4854-9D99-77DEA78FE9E5}
10/27/2009 7:47:49 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
10/27/2009 7:47:49 PM, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
==== End Of File ===========================

[evilfantasy]

Go to Add or Remove Programs and uninstall:

• Logitech Desktop Messenger <- This is totally unnecessary and will not effect your Logitech software.
• Viewpoint Media Player

----------

Your Java is out of date.

Older versions have vulnerabilities that malicious sites can use to infect your system.

First install the new Sun Java Runtime Environment

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close all browser windows before beginning the install.

Remove the old version(s)

Download JavaRa
* Unzip the file and open the JavaRa.exe
* Click Remove Older Versions
* JavaRa will search for and remove any outdated version of Java and remove any that are found.
* Click Additional Tasks
* Place a check next to Remove Useless JRE Files and click Go
* Exit JavaRa
* Delete the JavaRa files from the desktop

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

----------

If you already have ComboFix be sure to delete it and download a new copy.

Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note: It is important that it is saved directly to your Desktop

DO NOT run it yet!

Note: the below instructions were created specifically for this user. If you are not this user, DO NOT follow these directions as they could damage the workings of your system

Delete these files/folders, as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C

Code:

KillAll::

Folder::
C:\Program Files\Viewpoint

Firefox::
FF - plugin: c:\program files\viewpoint

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!



ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze