I've tried running spybot and ad-aware several times and all attempts have failed, they either say that it can't be removed or that it is removed, but it is still there if i check again immediately afterwards. any assistance will be greatly appreciated. thank you


Logfile of HijackThis v1.99.1
Scan saved at 9:43:42 AM, on 5/13/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\kxmixer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\retadpu72.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\??mbols\r?gedit.exe
C:\PROGRA~1\PPPATC~1\ntvdm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\zach\Desktop\scanner.exe

O2 - BHO: (no name) - {8BE3050F-AD0F-4AB2-BB9A-83AF2E0E70F1} - C:\WINDOWS\System32\byxursr.dll
O2 - BHO: C:\WINDOWS\System32\fs6ehnf8jd.dll - {8D5849A2-93F3-429D-FF34-260A2068897C} - C:\WINDOWS\System32\fs6ehnf8jd.dll
O2 - BHO: (no name) - {FF969221-97D1-41CB-8DB0-F89CEDDE97C4} - C:\WINDOWS\System32\mlljh.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe --startup
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu72.exe 61A847B5BBF72815308B2B27128065E9C084320161C4661227A755E9C2933154389A28452DA545E9B1894E754BE54C29159A7DA197C7734672DE3F546CAC59B6D2907D4E66914B5C1E9E689DB6FC45715ED96D1223AD51A6C5813C477ACE
O4 - HKLM\..\Run: [WindowsUpdate] rundll32.exe "C:\WINDOWS\System32\xlbknxjo.dll",realset
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Kkjx] "C:\Program Files\??mbols\r?gedit.exe"
O4 - HKCU\..\Run: [Mcti] "C:\PROGRA~1\PPPATC~1\ntvdm.exe" -vt ndrv
O4 - HKCU\..\Run: [Restore Operation] C:\DOCUME~1\zach\LOCALS~1\Temp\svchots.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O20 - Winlogon Notify: byxursr - C:\WINDOWS\SYSTEM32\byxursr.dll
O20 - Winlogon Notify: mlljh - C:\WINDOWS\System32\mlljh.dll
O20 - Winlogon Notify: partnershipreg - C:\Documents and Settings\All Users\Documents\Settings\partnership.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Welcome to Safer Networking, if you still need help and are not receiving it elsewhere, it appears you have missed some important instructions our administrator has posted at the top of the forum, especially this: "BEFORE you POST" Mandatory Steps Before Requesting Assistance http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.Please read and follow all instructions and post all required logs or reports, anything less will slow your process.
Use "Post Reply" to post the information in the instructions and stay in the same topic.

You are badly infected and much of the reason is the fact you are sadly dificient in Windows Security:
Update Your Windows XP. You are currently using an unpatched version of Windows XP.
Before attempting to remove malware, it is CRITICAL that you update to Service Pack 1a.
Get SP1a here : http://www.microsoft.com/windowsxp/downloads/updates/sp1/default.mspx
You should also get SP2, but NOT NOW, rather only after your machine is clean.
After updating your Windows to SP1a, post a new HijackThis log please, using the Post Reply button.

Thanks

Logfile of HijackThis v1.99.1
Scan saved at 12:42:13 PM, on 5/13/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\kxmixer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\retadpu72.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\??mbols\r?gedit.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\PPPATC~1\ntvdm.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\zach\Desktop\scanner.exe

O2 - BHO: (no name) - {8BE3050F-AD0F-4AB2-BB9A-83AF2E0E70F1} - C:\WINDOWS\System32\byxursr.dll
O2 - BHO: C:\WINDOWS\System32\fs6ehnf8jd.dll - {8D5849A2-93F3-429D-FF34-260A2068897C} - C:\WINDOWS\System32\fs6ehnf8jd.dll
O2 - BHO: (no name) - {FD4E6FEC-3DC4-4031-AC92-420F19C49BB0} - C:\WINDOWS\System32\mlljh.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe --startup
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu72.exe 61A847B5BBF72815308B2B27128065E9C084320161C4661227A755E9C2933154389A28452DA545E9B1894E754BE54C29159A7DA197C7734672DE3F546CAC59B6D2907D4E66914B5C1E9E689DB6FC45715ED96D1223AD51A6C5813C477ACE
O4 - HKLM\..\Run: [WindowsUpdate] rundll32.exe "C:\WINDOWS\System32\xlbknxjo.dll",realset
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Kkjx] "C:\Program Files\??mbols\r?gedit.exe"
O4 - HKCU\..\Run: [Mcti] "C:\PROGRA~1\PPPATC~1\ntvdm.exe" -vt ndrv
O4 - HKCU\..\Run: [Restore Operation] C:\DOCUME~1\zach\LOCALS~1\Temp\svchots.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O20 - Winlogon Notify: byxursr - C:\WINDOWS\SYSTEM32\byxursr.dll
O20 - Winlogon Notify: mlljh - C:\WINDOWS\System32\mlljh.dll
O20 - Winlogon Notify: partnershipreg - C:\Documents and Settings\All Users\Documents\Settings\partnership.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Thanks for taking care of those security issues, you have some nasty infections and I would appreciate it if you would review the "Before you Post" instructions so we can be assured we on on the same page. Your HJT log appears to be formatted and my scanner does not work with formatted logs. Open notepad and click on Format at the top, if "Word Wrap" is checked, please uncheck it for the duration of the time we are working together.
These infections will attract and even download others so my best advice is to stay offline until you are clean. All of the infections are bad but one of the infections, this one:
C:\Documents and Settings\All Users\Documents\Settings\partnership.dll is extremely bad, see this information:
http://research.sunbelt-software.com/threatdisplay.aspx?name=Trojan-Proxy.Win32.Xorpix.Fam&threatid=44436
It is important that you open that website and read all information so you can understand how your security has been compromised, I need to give you this information now:

A Backdoor is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge. A Backdoor compromises system integrity by making changes to the system that allow it to by used by the attacker for malicious purposes unknown to the user.
One or more of the identified infections is a backdoor trojan.
This allows hackers to remotely control your computer, steal critical system information and Download and Execute files
I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the Trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall
http://www.dslreports.com/faq/10063

I will proceed with the first instruction of many that will clean the stuff, but understand as the information indicates, there will be no way this computer can be trusted again. If you choose to reformat, please post to let me know so I can close the topic.

Instructions start here and it is very important they are followed carefully:

Thanks to sUBs and anyone else who helped with this fix.

1) Download ComboFix from Here (http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe) or Here (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop.

Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall


2) Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply.

Post the log from combofix, the list from uninstall manager and a new HJT log.

Thanks

"zach" - 2007-05-13 14:01:30 Service Pack 1
ComboFix 07-05.13.V - Running from: "C:\Program Files\Mozilla Firefox\"


(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\bhwgtmdb.dll
C:\WINDOWS\system32\iqklnfgj.dll
C:\WINDOWS\system32\lymagwoa.dll
C:\WINDOWS\system32\uvvakexn.dll
C:\WINDOWS\system32\xlbknxjo.dll
C:\WINDOWS\system32\ojxnkblx.ini
C:\WINDOWS\system32\byxursr.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\WINDOWS\system32\8_exception.nls
C:\WINDOWS\retadpu72.exe
C:\WINDOWS\system32\RunOnce2.t__
C:\WINDOWS\system32\winupd_KB50712874.exe
C:\WINDOWS\system32\winupd_KB93736873.exe
C:\WINDOWS\system32\ipv6mons.dll
C:\WINDOWS\system32\drivers\ip6fw.sys
C:\WINDOWS\system32\Packet.dll
C:\WINDOWS\system32\WanPacket.dll
C:\WINDOWS\system32\wpcap.dll
C:\Documents and Settings\All Users.\documents\settings\desktop.ini
C:\Program Files\outerinfo\OiUninstaller.exe
C:\Program Files\outerinfo\outerinfo.ico
C:\Program Files\outerinfo\Terms.rtf
C:\WINDOWS\system32\ksys.sys
C:\WINDOWS\system32\main.sys
C:\WINDOWS\system32\rpcc.exe
C:\WINDOWS\system32\wapisvcc.exe
C:\WINDOWS\system32\wsys.dll
C:\Program Files\outerinfo
C:\Documents and Settings\All Users.\documents\settings\partnership.dll
C:\Documents and Settings\All Users.\documents\settings
C:\WINDOWS\system32\koos.exe
C:\WINDOWS\system32\poof
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\C\DOCUME~1
C:\qoobox\purity\C\DOCUME~1\zach
C:\qoobox\purity\C\DOCUME~1\zach\MYDOCU~1
C:\qoobox\purity\C\DOCUME~1\zach\MYDOCU~1\SSTEM3~1
C:\qoobox\purity\C\Program Files\MBOLS~1
C:\qoobox\purity\C\Program Files\PPPATC~1

C:\WINDOWS\system32\winlogon.exe . . . is infected!!


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_CORE
-------\LEGACY_EXAMPLE
-------\LEGACY_NDNET1
-------\LEGACY_NETWORK_MONITOR
-------\LEGACY_NM
-------\LEGACY_NPF
-------\LEGACY_POOF
-------\LEGACY_RUNTIME
-------\EXAMPLE
-------\NDnet1
-------\nm
-------\NPF
-------\Runtime


((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-13 ))))))))))))))))))))))))))))))))))


2007-05-13 14:03 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2007-05-13 12:53 1,494,548 --ahs---- C:\WINDOWS\system32\hjllm.bak2
2007-05-13 12:52 1,494,365 ---hs---- C:\WINDOWS\system32\hjllm.ini2
2007-05-13 12:47 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-05-13 12:45 465,176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-05-13 12:45 41,240 --a------ C:\WINDOWS\system32\wups.dll
2007-05-13 12:45 194,328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-05-13 12:45 173,536 --a------ C:\WINDOWS\system32\wuweb.dll
2007-05-13 12:45 172,312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-05-13 12:45 127,256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-05-13 12:45 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-05-13 12:38 <DIR> d-------- C:\WINDOWS\Prefetch
2007-05-13 12:32 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-05-13 12:32 <DIR> d-------- C:\WINDOWS\ehome
2007-05-13 12:28 9,216 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-05-13 12:28 86,528 --a------ C:\WINDOWS\system32\wlnotify.dll
2007-05-13 12:28 86,016 --a------ C:\WINDOWS\system32\xactsrv.dll
2007-05-13 12:28 77,824 --a------ C:\WINDOWS\system32\wmpstub.exe
2007-05-13 12:28 61,952 --a------ C:\WINDOWS\system32\webclnt.dll
2007-05-13 12:28 60,416 --a------ C:\WINDOWS\system32\wextract.exe
2007-05-13 12:28 56,832 --a------ C:\WINDOWS\system32\wzcdlg.dll
2007-05-13 12:28 51,200 --a------ C:\WINDOWS\system32\wmerrenu.dll
2007-05-13 12:28 48,640 --a------ C:\WINDOWS\system32\vdmredir.dll
2007-05-13 12:28 48,128 --a------ C:\WINDOWS\system32\winsta.dll
2007-05-13 12:28 446,464 --a------ C:\WINDOWS\system32\wmvdmoe.dll
2007-05-13 12:28 409,088 --a------ C:\WINDOWS\system32\vssapi.dll
2007-05-13 12:28 38,912 --a------ C:\WINDOWS\system32\wsnmp32.dll
2007-05-13 12:28 316,416 --a------ C:\WINDOWS\system32\zipfldr.dll
2007-05-13 12:28 311,327 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2007-05-13 12:28 296,448 --a------ C:\WINDOWS\system32\wmstream.dll
2007-05-13 12:28 266,752 --a------ C:\WINDOWS\winhlp32.exe
2007-05-13 12:28 264,704 --a------ C:\WINDOWS\system32\wzcsvc.dll
2007-05-13 12:28 247,808 --a------ C:\WINDOWS\system32\wow32.dll
2007-05-13 12:28 23,552 --a------ C:\WINDOWS\system32\wzcsapi.dll
2007-05-13 12:28 172,664 --a------ C:\WINDOWS\system32\xenroll.dll
2007-05-13 12:28 171,520 --a------ C:\WINDOWS\system32\winmm.dll
2007-05-13 12:28 17,408 --a------ C:\WINDOWS\system32\wtsapi32.dll
2007-05-13 12:28 168,448 --a------ C:\WINDOWS\system32\wldap32.dll
2007-05-13 12:28 165,376 --a------ C:\WINDOWS\system32\w32time.dll
2007-05-13 12:28 16,384 --a------ C:\WINDOWS\system32\watchdog.sys
2007-05-13 12:28 13,312 --a------ C:\WINDOWS\system32\wship6.dll
2007-05-13 12:28 124,928 --a------ C:\WINDOWS\system32\webvw.dll
2007-05-13 12:28 124,184 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-05-13 12:28 119,808 --a------ C:\WINDOWS\system32\wiadss.dll
2007-05-13 12:28 118,784 --a------ C:\WINDOWS\system32\wmsdmoe.dll
2007-05-13 12:28 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-05-13 12:27 98,304 --a------ C:\WINDOWS\system32\oleprn.dll
2007-05-13 12:27 95,744 --a------ C:\WINDOWS\system32\nlhtml.dll
2007-05-13 12:27 91,136 --a------ C:\WINDOWS\system32\rastls.dll
2007-05-13 12:27 9,856 --------- C:\WINDOWS\system32\drivers\tunmp.sys
2007-05-13 12:27 88,064 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-05-13 12:27 87,304 --a------ C:\WINDOWS\system32\rdpdd.dll
2007-05-13 12:27 82,944 --a------ C:\WINDOWS\system32\smlogsvc.exe
2007-05-13 12:27 82,944 --a------ C:\WINDOWS\system32\psbase.dll
2007-05-13 12:27 81,920 --a------ C:\WINDOWS\system32\trkwks.dll
2007-05-13 12:27 8,192 --a------ C:\WINDOWS\system32\scrnsave.scr
2007-05-13 12:27 75,912 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-05-13 12:27 74,240 --a------ C:\WINDOWS\system32\rtcshare.exe
2007-05-13 12:27 71,168 --a------ C:\WINDOWS\system32\telnet.exe
2007-05-13 12:27 71,168 --a------ C:\WINDOWS\system32\storprop.dll
2007-05-13 12:27 71,168 --a------ C:\WINDOWS\system32\sdbinst.exe
2007-05-13 12:27 686,080 --a------ C:\WINDOWS\system32\opengl32.dll
2007-05-13 12:27 674,816 --a------ C:\WINDOWS\system32\sxs.dll
2007-05-13 12:27 667,648 --a------ C:\WINDOWS\system32\ss3dfo.scr
2007-05-13 12:27 66,560 --a------ C:\WINDOWS\system32\spoolss.dll
2007-05-13 12:27 66,048 --a------ C:\WINDOWS\system32\sigverif.exe
2007-05-13 12:27 638,976 --a------ C:\WINDOWS\system32\sstext3d.scr
2007-05-13 12:27 63,488 --a------ C:\WINDOWS\system32\srclient.dll
2007-05-13 12:27 62,976 --a------ C:\WINDOWS\system32\shgina.dll
2007-05-13 12:27 61,952 --a------ C:\WINDOWS\system32\sti.dll
2007-05-13 12:27 60,416 --a------ C:\WINDOWS\system32\shimeng.dll
2007-05-13 12:27 6,144 --a------ C:\WINDOWS\system32\sensapi.dll
2007-05-13 12:27 58,880 --a------ C:\WINDOWS\system32\pautoenr.dll
2007-05-13 12:27 57,856 --a------ C:\WINDOWS\system32\raschap.dll
2007-05-13 12:27 569,344 --a------ C:\WINDOWS\system32\sspipes.scr
2007-05-13 12:27 56,320 --a------ C:\WINDOWS\system32\remotepg.dll
2007-05-13 12:27 548,864 --a------ C:\WINDOWS\system32\rtcdll.dll
2007-05-13 12:27 530,432 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-05-13 12:27 53,248 --a------ C:\WINDOWS\system32\packager.exe
2007-05-13 12:27 52,224 --a------ C:\WINDOWS\system32\secur32.dll
2007-05-13 12:27 5,504 --------- C:\WINDOWS\system32\drivers\smbali.sys
2007-05-13 12:27 49,152 --a------ C:\WINDOWS\system32\npptools.dll
2007-05-13 12:27 48,128 --a------ C:\WINDOWS\system32\reg.exe
2007-05-13 12:27 479,261 --a------ C:\WINDOWS\system32\vbscript.dll
2007-05-13 12:27 47,616 --a------ C:\WINDOWS\system32\utilman.exe
2007-05-13 12:27 44,032 --a------ C:\WINDOWS\system32\regapi.dll
2007-05-13 12:27 44,032 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-05-13 12:27 43,008 --a------ C:\WINDOWS\system32\ssdpsrv.dll
2007-05-13 12:27 420,864 --a------ C:\WINDOWS\system32\shimgvw.dll
2007-05-13 12:27 403,456 --a------ C:\WINDOWS\system32\winbrand.dll
2007-05-13 12:27 40,960 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-05-13 12:27 392,704 --a------ C:\WINDOWS\system32\ntmssvc.dll
2007-05-13 12:27 384,000 --a------ C:\WINDOWS\system32\themeui.dll
2007-05-13 12:27 38,400 --a------ C:\WINDOWS\system32\ntmsapi.dll
2007-05-13 12:27 38,400 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-05-13 12:27 364,544 --a------ C:\WINDOWS\system32\ssflwbox.scr
2007-05-13 12:27 36,352 --a------ C:\WINDOWS\system32\sens.dll
2007-05-13 12:27 34,304 --a------ C:\WINDOWS\system32\rcimlby.exe
2007-05-13 12:27 339,456 --a------ C:\WINDOWS\system32\usp10.dll
2007-05-13 12:27 334,848 --a------ C:\WINDOWS\system32\smlogcfg.dll
2007-05-13 12:27 33,808 --a------ C:\WINDOWS\system32\ntio.sys
2007-05-13 12:27 33,280 --a------ C:\WINDOWS\system32\shmgrate.exe
2007-05-13 12:27 328,704 --a------ C:\WINDOWS\system32\oakley.dll
2007-05-13 12:27 32,256 --a------ C:\WINDOWS\system32\umandlg.dll
2007-05-13 12:27 310,272 --a------ C:\WINDOWS\system32\winhttp.dll
2007-05-13 12:27 3,338 --a------ C:\WINDOWS\system32\redir.exe
2007-05-13 12:27 297,984 --a------ C:\WINDOWS\system32\scesrv.dll
2007-05-13 12:27 27,136 --a------ C:\WINDOWS\system32\ssdpapi.dll
2007-05-13 12:27 260,608 --a------ C:\WINDOWS\system32\rpcss.dll
2007-05-13 12:27 254,976 --a------ C:\WINDOWS\system32\pdh.dll
2007-05-13 12:27 251,904 --a------ C:\WINDOWS\system32\strmdll.dll
2007-05-13 12:27 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-05-13 12:27 24,064 --a------ C:\WINDOWS\system32\skeys.exe
2007-05-13 12:27 238,080 --a------ C:\WINDOWS\system32\newdev.dll
2007-05-13 12:27 233,984 --a------ C:\WINDOWS\system32\tapisrv.dll
2007-05-13 12:27 231,424 --a------ C:\WINDOWS\system32\upnpui.dll
2007-05-13 12:27 226,304 --a------ C:\WINDOWS\system32\srrstr.dll
2007-05-13 12:27 221,696 --a------ C:\WINDOWS\system32\qmgr.dll
2007-05-13 12:27 22,528 --a------ C:\WINDOWS\system32\slayerxp.dll
2007-05-13 12:27 22,528 --a------ C:\WINDOWS\system32\shfolder.dll
2007-05-13 12:27 22,016 --a------ C:\WINDOWS\system32\udhisapi.dll
2007-05-13 12:27 212,480 --a------ C:\WINDOWS\system32\osk.exe
2007-05-13 12:27 203,264 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-05-13 12:27 200,192 --a------ C:\WINDOWS\system32\termsrv.dll
2007-05-13 12:27 20,992 --a------ C:\WINDOWS\system32\setup.exe
2007-05-13 12:27 193,536 --a------ C:\WINDOWS\system32\rasppp.dll
2007-05-13 12:27 19,456 --a------ C:\WINDOWS\system32\ssmarque.scr
2007-05-13 12:27 19,328 --------- C:\WINDOWS\system32\drivers\usbehci.sys
2007-05-13 12:27 187,904 --a------ C:\WINDOWS\system32\xpsp1res.dll
2007-05-13 12:27 18,944 --a------ C:\WINDOWS\system32\ssbezier.scr
2007-05-13 12:27 174,592 --a------ C:\WINDOWS\system32\scecli.dll
2007-05-13 12:27 171,008 --a------ C:\WINDOWS\system32\sccsccp.dll
2007-05-13 12:27 17,408 --a------ C:\WINDOWS\system32\ssmyst.scr
2007-05-13 12:27 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-05-13 12:27 17,408 --a------ C:\WINDOWS\system32\psapi.dll
2007-05-13 12:27 169,984 --a------ C:\WINDOWS\system32\sccbase.dll
2007-05-13 12:27 165,888 --a------ C:\WINDOWS\system32\ntmsdba.dll
2007-05-13 12:27 165,376 --a------ C:\WINDOWS\system32\tapi32.dll
2007-05-13 12:27 164,864 --a------ C:\WINDOWS\system32\upnphost.dll
2007-05-13 12:27 16,896 --a------ C:\WINDOWS\system32\snmpapi.dll
2007-05-13 12:27 16,384 --a------ C:\WINDOWS\system32\ups.exe
2007-05-13 12:27 16,384 --a------ C:\WINDOWS\system32\ping.exe
2007-05-13 12:27 159,232 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-05-13 12:27 158,720 --a------ C:\WINDOWS\system32\srsvc.dll
2007-05-13 12:27 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-05-13 12:27 137,216 --a------ C:\WINDOWS\system32\ntshrui.dll
2007-05-13 12:27 135,680 --a------ C:\WINDOWS\system32\rdchost.dll
2007-05-13 12:27 134,144 --a------ C:\WINDOWS\regedit.exe
2007-05-13 12:27 133,632 --a------ C:\WINDOWS\system32\rsaenh.dll
2007-05-13 12:27 133,120 --a------ C:\WINDOWS\system32\sfc_os.dll
2007-05-13 12:27 130,560 --a------ C:\WINDOWS\system32\sti_ci.dll
2007-05-13 12:27 13,824 --a------ C:\WINDOWS\system32\rassapi.dll
2007-05-13 12:27 13,312 --a------ C:\WINDOWS\system32\ssstars.scr
2007-05-13 12:27 13,056 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2007-05-13 12:27 128,512 --a------ C:\WINDOWS\system32\taskmgr.exe
2007-05-13 12:27 120,320 --a------ C:\WINDOWS\system32\upnp.dll
2007-05-13 12:27 12,800 --a------ C:\WINDOWS\system32\runonce.exe
2007-05-13 12:27 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-05-13 12:27 12,288 --a------ C:\WINDOWS\system32\odbcp32r.dll
2007-05-13 12:27 117,760 --a------ C:\WINDOWS\system32\stobject.dll
2007-05-13 12:27 112,128 --a------ C:\WINDOWS\system32\ntmarta.dll
2007-05-13 12:27 11,776 --a------ C:\WINDOWS\system32\sigtab.dll
2007-05-13 12:27 109,568 --a------ C:\WINDOWS\system32\offfilt.dll
2007-05-13 12:27 107,008 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-05-13 12:27 10,752 --a------ C:\WINDOWS\system32\tracert.exe
2007-05-13 12:27 1,677,312 --a------ C:\WINDOWS\system32\wmvcore2.dll
2007-05-13 12:27 1,349,120 --a------ C:\WINDOWS\system32\query.dll
2007-05-13 12:27 1,169,920 --a------ C:\WINDOWS\system32\ole32.dll
2007-05-13 12:27 1,157,632 --a------ C:\WINDOWS\system32\sfcfiles.dll
2007-05-13 12:26 921,475 --a------ C:\WINDOWS\system32\ati3d2ag.dll
2007-05-13 12:26 9,728 --a------ C:\WINDOWS\system32\mstinit.exe
2007-05-13 12:26 857,600 --a------ C:\WINDOWS\system32\netplwiz.dll
2007-05-13 12:26 844,675 --a------ C:\WINDOWS\system32\ati3d1ag.dll
2007-05-13 12:26 81,408 --a------ C:\WINDOWS\system32\msoert2.dll
2007-05-13 12:26 699,392 --a------ C:\WINDOWS\system32\msxml2.dll
2007-05-13 12:26 63,663 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-05-13 12:26 6,912 --------- C:\WINDOWS\system32\drivers\hidir.sys
2007-05-13 12:26 598,016 --a------ C:\WINDOWS\system32\mstscax.dll
2007-05-13 12:26 584,192 --a------ C:\WINDOWS\system32\netcfgx.dll
2007-05-13 12:26 56,591 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-05-13 12:26 56,320 --a------ C:\WINDOWS\system32\mshtmler.dll
2007-05-13 12:26 552,991 --a------ C:\WINDOWS\system32\msrepl40.dll
2007-05-13 12:26 512,031 --a------ C:\WINDOWS\system32\msexch40.dll
2007-05-13 12:26 5,120 --a------ C:\WINDOWS\system32\hccoin.dll
2007-05-13 12:26 450,176 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-05-13 12:26 421,919 --a------ C:\WINDOWS\system32\msrd2x40.dll
2007-05-13 12:26 42,496 --a------ C:\WINDOWS\system32\ncobjapi.dll
2007-05-13 12:26 401,462 --a------ C:\WINDOWS\system32\msvcp60.dll
2007-05-13 12:26 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2007-05-13 12:26 4,126 --a------ C:\WINDOWS\system32\msdxmlc.dll
2007-05-13 12:26 399,360 --a------ C:\WINDOWS\system32\netlogon.dll
2007-05-13 12:26 39,424 --a------ C:\WINDOWS\system32\net.exe
2007-05-13 12:26 388,608 --a------ C:\WINDOWS\system32\mstsc.exe
2007-05-13 12:26 377,984 --a------ C:\WINDOWS\system32\ati2dvaa.dll
2007-05-13 12:26 368,710 --a------ C:\WINDOWS\system32\msisam11.dll
2007-05-13 12:26 36,463 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-05-13 12:26 359,936 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-05-13 12:26 348,195 --a------ C:\WINDOWS\system32\msjetoledb40.dll
2007-05-13 12:26 348,191 --a------ C:\WINDOWS\system32\mspbde40.dll
2007-05-13 12:26 344,095 --a------ C:\WINDOWS\system32\msxbde40.dll
2007-05-13 12:26 34,735 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-05-13 12:26 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-05-13 12:26 326,656 --a------ C:\WINDOWS\system32\netsetup.exe
2007-05-13 12:26 323,072 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-05-13 12:26 319,760 --a------ C:\WINDOWS\system32\msnsspc.dll
2007-05-13 12:26 319,519 --a------ C:\WINDOWS\system32\msexcl40.dll
2007-05-13 12:26 30,671 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-05-13 12:26 3,584 --a------ C:\WINDOWS\system32\dsprpres.dll
2007-05-13 12:26 29,455 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-05-13 12:26 26,367 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-05-13 12:26 253,983 --a------ C:\WINDOWS\system32\mstext40.dll
2007-05-13 12:26 250,368 --a------ C:\WINDOWS\system32\mstask.dll
2007-05-13 12:26 241,725 --a------ C:\WINDOWS\system32\msuni11.dll
2007-05-13 12:26 241,695 --a------ C:\WINDOWS\system32\msjtes40.dll

2007-05-13 12:26 229,888 --a------ C:\WINDOWS\system32\msieftp.dll
2007-05-13 12:26 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-05-13 12:26 22,528 --a------ C:\WINDOWS\system32\mslbui.dll
2007-05-13 12:26 218,112 --a------ C:\WINDOWS\system32\sbe.dll
2007-05-13 12:26 213,023 --a------ C:\WINDOWS\system32\msltus40.dll
2007-05-13 12:26 21,343 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-05-13 12:26 202,496 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-05-13 12:26 182,784 --a------ C:\WINDOWS\system32\msutb.dll
2007-05-13 12:26 18,944 --a------ C:\WINDOWS\system32\faxpatch.exe
2007-05-13 12:26 172,032 --a------ C:\WINDOWS\system32\mssap.dll
2007-05-13 12:26 16,384 --a------ C:\WINDOWS\system32\nddenb32.dll
2007-05-13 12:26 155,648 --a------ C:\WINDOWS\system32\encdec.dll
2007-05-13 12:26 154,112 --a------ C:\WINDOWS\system32\netman.dll
2007-05-13 12:26 143,872 --a------ C:\WINDOWS\system32\msimtf.dll
2007-05-13 12:26 12,047 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-05-13 12:26 115,200 --a------ C:\WINDOWS\system32\net1.exe
2007-05-13 12:26 113,664 --a------ C:\WINDOWS\system32\msvfw32.dll
2007-05-13 12:26 110,080 --a------ C:\WINDOWS\system32\sbeio.dll
2007-05-13 12:26 11,904 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-05-13 12:26 11,615 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-05-13 12:26 105,984 --a------ C:\WINDOWS\system32\netdde.exe
2007-05-13 12:26 10,240 --a------ C:\WINDOWS\system32\msrle32.dll
2007-05-13 12:26 1,622,528 --a------ C:\WINDOWS\system32\netshell.dll
2007-05-13 12:26 1,503,262 --a------ C:\WINDOWS\system32\msjet40.dll
2007-05-13 12:25 91,648 --a------ C:\WINDOWS\system32\iuctl.dll
2007-05-13 12:25 73,728 --a------ C:\WINDOWS\system32\tlntsess.exe
2007-05-13 12:25 7,168 --a------ C:\WINDOWS\system32\tlntsvrp.dll
2007-05-13 12:25 7,040 --a------ C:\WINDOWS\system32\kd1394.dll
2007-05-13 12:25 68,096 --a------ C:\WINDOWS\system32\mscms.dll
2007-05-13 12:25 67,584 --a------ C:\WINDOWS\system32\tlntsvr.exe
2007-05-13 12:25 67,584 --a------ C:\WINDOWS\system32\msctfp.dll
2007-05-13 12:25 65,536 --a------ C:\WINDOWS\system32\msconf.dll
2007-05-13 12:25 60,928 --a------ C:\WINDOWS\system32\ipv6.exe
2007-05-13 12:25 57,856 --a------ C:\WINDOWS\system32\tlntadmn.exe
2007-05-13 12:25 57,856 --a------ C:\WINDOWS\system32\licwmi.dll
2007-05-13 12:25 545,792 --a------ C:\WINDOWS\system32\wsecedit.dll
2007-05-13 12:25 51,712 --a------ C:\WINDOWS\system32\ipconfig.exe
2007-05-13 12:25 504,320 --a------ C:\WINDOWS\system32\logonui.exe
2007-05-13 12:25 49,664 --a------ C:\WINDOWS\system32\ixsso.dll
2007-05-13 12:25 435,200 --a------ C:\WINDOWS\system32\ipnathlp.dll
2007-05-13 12:25 42,537 --a------ C:\WINDOWS\system32\keyboard.sys
2007-05-13 12:25 381,440 --a------ C:\WINDOWS\system32\lmrt.dll
2007-05-13 12:25 32,256 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-05-13 12:25 318,464 --a------ C:\WINDOWS\system32\ippromon.dll
2007-05-13 12:25 272,896 --a------ C:\WINDOWS\system32\kerberos.dll
2007-05-13 12:25 266,752 --a------ C:\WINDOWS\system32\msctf.dll
2007-05-13 12:25 231,936 --a------ C:\WINDOWS\system32\tracerpt.exe
2007-05-13 12:25 219,648 --a------ C:\WINDOWS\system32\logon.scr
2007-05-13 12:25 210,944 --a------ C:\WINDOWS\system32\moricons.dll
2007-05-13 12:25 198,424 --a------ C:\WINDOWS\system32\iuengine.dll
2007-05-13 12:25 196,096 --a------ C:\WINDOWS\system32\mobsync.dll
2007-05-13 12:25 19,456 --a------ C:\WINDOWS\system32\licmgr10.dll
2007-05-13 12:25 163,840 --a------ C:\WINDOWS\system32\mindex.dll
2007-05-13 12:25 155,648 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2007-05-13 12:25 143,872 --a------ C:\WINDOWS\system32\itircl.dll
2007-05-13 12:25 134,144 --a------ C:\WINDOWS\system32\ipv6mon.dll
2007-05-13 12:25 122,368 --a------ C:\WINDOWS\system32\itss.dll
2007-05-13 12:25 12,288 --a------ C:\WINDOWS\system32\mscpx32r.dll
2007-05-13 12:25 10,240 --a------ C:\WINDOWS\system32\localui.dll
2007-05-13 12:25 1,128,960 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2007-05-13 12:24 91,648 --a------ C:\WINDOWS\system32\ahui.exe
2007-05-13 12:24 9,216 --a------ C:\WINDOWS\system32\icaapi.dll
2007-05-13 12:24 9,216 --a------ C:\WINDOWS\system32\dumprep.exe
2007-05-13 12:24 89,088 --a------ C:\WINDOWS\system32\mqsec.dll
2007-05-13 12:24 82,432 --a------ C:\WINDOWS\system32\fldrclnr.dll
2007-05-13 12:24 802,304 --a------ C:\WINDOWS\system32\dxmrtp.dll
2007-05-13 12:24 8,832 --a------ C:\WINDOWS\system32\framebuf.dll
2007-05-13 12:24 8,192 --a------ C:\WINDOWS\system32\autolfn.exe
2007-05-13 12:24 76,288 --a------ C:\WINDOWS\system32\dfrgfat.exe
2007-05-13 12:24 76,288 --a------ C:\WINDOWS\system32\avifil32.dll
2007-05-13 12:24 75,544 --a------ C:\WINDOWS\system32\cdm.dll
2007-05-13 12:24 74,810 --a------ C:\WINDOWS\system32\atl.dll
2007-05-13 12:24 73,728 --a------ C:\WINDOWS\system32\ils.dll
2007-05-13 12:24 71,680 --a------ C:\WINDOWS\system32\browsewm.dll
2007-05-13 12:24 70,656 --a------ C:\WINDOWS\system32\defrag.exe
2007-05-13 12:24 70,144 --a------ C:\WINDOWS\system32\cryptdlg.dll
2007-05-13 12:24 67,584 --a------ C:\WINDOWS\system32\fdeploy.dll
2007-05-13 12:24 67,200 --a------ C:\WINDOWS\system32\drivers\mqac.sys
2007-05-13 12:24 66,560 --a------ C:\WINDOWS\system32\faultrep.dll
2007-05-13 12:24 64,512 --a------ C:\WINDOWS\system32\ciodm.dll
2007-05-13 12:24 62,976 --a------ C:\WINDOWS\system32\browselc.dll
2007-05-13 12:24 62,464 --a------ C:\WINDOWS\system32\adsmsext.dll
2007-05-13 12:24 613,888 --a------ C:\WINDOWS\system32\mqqm.dll
2007-05-13 12:24 6,656 --a------ C:\WINDOWS\system32\batt.dll
2007-05-13 12:24 59,904 --a------ C:\WINDOWS\system32\cabinet.dll
2007-05-13 12:24 59,392 --a------ C:\WINDOWS\system32\iesetup.dll
2007-05-13 12:24 59,392 --a------ C:\WINDOWS\system32\6to4svc.dll
2007-05-13 12:24 587,776 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-13 12:24 582,656 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-05-13 12:24 57,344 --a------ C:\WINDOWS\system32\nwwks.dll
2007-05-13 12:24 557,568 --a------ C:\WINDOWS\system32\crypt32.dll
2007-05-13 12:24 55,296 --a------ C:\WINDOWS\system32\digest.dll
2007-05-13 12:24 54,272 --a------ C:\WINDOWS\system32\clusapi.dll
2007-05-13 12:24 53,248 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-05-13 12:24 498,205 --a------ C:\WINDOWS\system32\dxmasf.dll
2007-05-13 12:24 49,152 --a------ C:\WINDOWS\system32\eventlog.dll
2007-05-13 12:24 49,152 --a------ C:\WINDOWS\system32\browser.dll
2007-05-13 12:24 489,984 --a------ C:\WINDOWS\system32\dbghelp.dll
2007-05-13 12:24 478,720 --a------ C:\WINDOWS\system32\mqsnap.dll
2007-05-13 12:24 471,040 --a------ C:\WINDOWS\system32\cryptui.dll
2007-05-13 12:24 469,504 --a------ C:\WINDOWS\system32\mqutil.dll
2007-05-13 12:24 45,568 --a------ C:\WINDOWS\system32\docprop2.dll
2007-05-13 12:24 41,984 --a------ C:\WINDOWS\system32\alg.exe
2007-05-13 12:24 41,472 --a------ C:\WINDOWS\system32\cmdl32.exe
2007-05-13 12:24 380,445 --a------ C:\WINDOWS\system32\expsrv.dll
2007-05-13 12:24 38,912 --a------ C:\WINDOWS\system32\audiosrv.dll
2007-05-13 12:24 37,888 --a------ C:\WINDOWS\system32\hhsetup.dll
2007-05-13 12:24 36,922 --a------ C:\WINDOWS\system32\imeshare.dll
2007-05-13 12:24 35,328 --a------ C:\WINDOWS\system32\dfrgsnap.dll
2007-05-13 12:24 324,608 --a------ C:\WINDOWS\system32\cmdial32.dll
2007-05-13 12:24 32,768 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-05-13 12:24 32,512 --------- C:\WINDOWS\system32\drivers\amdk7.sys
2007-05-13 12:24 307,712 --a------ C:\WINDOWS\system32\cscui.dll
2007-05-13 12:24 30,208 --a------ C:\WINDOWS\system32\imgutil.dll
2007-05-13 12:24 29,696 --a------ C:\WINDOWS\system32\asr_pfu.exe
2007-05-13 12:24 28,160 --a------ C:\WINDOWS\system32\pidgen.dll
2007-05-13 12:24 277,504 --a------ C:\WINDOWS\system32\appmgr.dll
2007-05-13 12:24 263,680 --a------ C:\WINDOWS\system32\duser.dll
2007-05-13 12:24 263,168 --a------ C:\WINDOWS\system32\devmgr.dll
2007-05-13 12:24 25,600 --a------ C:\WINDOWS\system32\dfsshlex.dll
2007-05-13 12:24 240,640 --a------ C:\WINDOWS\system32\hnetcfg.dll
2007-05-13 12:24 24,576 --a------ C:\WINDOWS\system32\conime.exe
2007-05-13 12:24 239,616 --a------ C:\WINDOWS\system32\adsnt.dll
2007-05-13 12:24 238,592 --a------ C:\WINDOWS\system32\compatui.dll
2007-05-13 12:24 236,032 --a------ C:\WINDOWS\system32\icm32.dll
2007-05-13 12:24 227,840 --a------ C:\WINDOWS\system32\dsquery.dll
2007-05-13 12:24 225,280 --a------ C:\WINDOWS\system32\es.dll
2007-05-13 12:24 22,528 --a------ C:\WINDOWS\system32\at.exe
2007-05-13 12:24 20,480 --a------ C:\WINDOWS\system32\hidserv.dll
2007-05-13 12:24 19,456 --a------ C:\WINDOWS\system32\fontview.exe
2007-05-13 12:24 19,456 --a------ C:\WINDOWS\system32\ersvc.dll
2007-05-13 12:24 186,880 --a------ C:\WINDOWS\system32\certcli.dll
2007-05-13 12:24 183,296 --a------ C:\WINDOWS\system32\gptext.dll
2007-05-13 12:24 180,224 --a------ C:\WINDOWS\system32\dwwin.exe
2007-05-13 12:24 178,688 --a------ C:\WINDOWS\system32\eudcedit.exe
2007-05-13 12:24 17,792 --------- C:\WINDOWS\system32\drivers\irbus.sys
2007-05-13 12:24 168,960 --a------ C:\WINDOWS\system32\dinput8.dll
2007-05-13 12:24 165,376 --a------ C:\WINDOWS\system32\els.dll
2007-05-13 12:24 164,864 --a------ C:\WINDOWS\system32\mqrt.dll
2007-05-13 12:24 164,352 --a------ C:\WINDOWS\system32\mqtrig.dll
2007-05-13 12:24 162,816 --a------ C:\WINDOWS\system32\adsldp.dll
2007-05-13 12:24 158,720 --a------ C:\WINDOWS\system32\credui.dll
2007-05-13 12:24 156,672 --a------ C:\WINDOWS\system32\appmgmts.dll
2007-05-13 12:24 156,544 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2007-05-13 12:24 151,552 --a------ C:\WINDOWS\system32\dinput.dll
2007-05-13 12:24 14,848 --a------ C:\WINDOWS\system32\mqise.dll
2007-05-13 12:24 14,366 --a------ C:\WINDOWS\system32\asfsipc.dll
2007-05-13 12:24 139,776 --a------ C:\WINDOWS\system32\adsldpc.dll
2007-05-13 12:24 135,680 --a------ C:\WINDOWS\system32\dsprop.dll
2007-05-13 12:24 130,048 --a------ C:\WINDOWS\system32\mqad.dll
2007-05-13 12:24 13,312 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-05-13 12:24 124,928 --a------ C:\WINDOWS\system32\dssenh.dll
2007-05-13 12:24 123,904 --a------ C:\WINDOWS\system32\imapi.exe
2007-05-13 12:24 115,712 --a------ C:\WINDOWS\system32\apphelp.dll
2007-05-13 12:24 115,200 --a------ C:\WINDOWS\system32\dpcdll.dll
2007-05-13 12:24 114,176 --a------ C:\WINDOWS\system32\input.dll
2007-05-13 12:24 113,664 --a------ C:\WINDOWS\system32\schtasks.exe
2007-05-13 12:24 113,152 --a------ C:\WINDOWS\system32\idq.dll
2007-05-13 12:24 113,152 --a------ C:\WINDOWS\system32\gpresult.exe
2007-05-13 12:24 113,152 --a------ C:\WINDOWS\system32\dfrgui.dll
2007-05-13 12:24 103,936 --a------ C:\WINDOWS\system32\rsnotify.exe
2007-05-13 12:24 103,936 --a------ C:\WINDOWS\system32\imm32.dll
2007-05-13 12:24 103,424 --a------ C:\WINDOWS\system32\dgnet.dll
2007-05-13 12:24 10,752 --a------ C:\WINDOWS\system32\spiisupd.exe
2007-05-13 12:24 10,752 --a------ C:\WINDOWS\hh.exe
2007-05-13 12:24 1,740 --a------ C:\WINDOWS\system32\dcache.bin
2007-05-13 12:24 1,172,992 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-05-13 12:24 1,004,032 --a------ C:\WINDOWS\explorer.exe
2007-05-12 17:28 262,708 --a------ C:\WINDOWS\system32\mlljh.dll
2007-05-12 17:28 1,494,199 --ahs---- C:\WINDOWS\system32\hjllm.bak1
2007-05-12 17:20 10,000 --a------ C:\WINDOWS\system32\fs6ehnf8jd.dll
2007-05-12 13:03 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-05-11 14:57 <DIR> d-------- C:\Program Files\mIRC
2007-05-11 14:44 <DIR> d-------- C:\DOCUME~1\zach\APPLIC~1\Lavasoft
2007-05-11 14:43 <DIR> d-------- C:\Program Files\Lavasoft
2007-05-10 14:51 <DIR> d-------- C:\DOCUME~1\zach\APPLIC~1\WinRAR
2007-05-10 14:47 53,248 --a------ C:\WINDOWS\system32\ImageOle.dll
2007-05-10 14:47 <DIR> d-------- C:\Program Files\Ocean Technology
2007-05-02 00:06 60,928 --a------ C:\WINDOWS\system32\bilq.dll
2007-05-01 23:51 <DIR> d-------- C:\WINDOWS\umum
2007-05-01 23:51 <DIR> d-------- C:\Program Files\Common Files\umum
2007-05-01 23:36 <DIR> d--hs---- C:\WINDOWS\emFjaA
2007-04-24 14:46 <DIR> d-------- C:\Program Files\iPod
2007-04-24 14:45 <DIR> d-------- C:\Program Files\QuickTime
2007-04-24 00:51 <DIR> d-------- C:\Program Files\Last.fm
2007-04-16 21:10 124,142 --a------ C:\WINDOWS\b136.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-05-13 17:59:15 -------- d-----w C:\Program Files\Warcraft III
2007-05-13 16:51:41 75,264 ----a-w C:\WINDOWS\system32\ws2_32.dll
2007-05-13 16:45:43 -------- d--h--w C:\Program Files\WindowsUpdate
2007-05-13 16:37:59 -------- d-----w C:\Program Files\Messenger
2007-05-13 16:31:51 -------- d-----w C:\Program Files\Movie Maker
2007-05-12 21:23:38 -------- d-----w C:\Program Files\Windows NT
2007-05-11 19:02:01 -------- d-----w C:\Program Files\Steam
2007-05-11 18:43:24 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-05-10 18:47:07 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-10 18:46:58 -------- d-----w C:\Program Files\Common Files\InstallShield
2007-04-30 03:27:40 -------- d-----w C:\Program Files\AIM
2007-04-24 18:47:04 -------- d-----w C:\Program Files\iTunes
2007-04-20 15:26:53 -------- d-----w C:\DOCUME~1\zach\APPLIC~1\Aim
2007-03-06 04:10:03 -------- d-----w C:\Program Files\StepMania


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{E2EE5C44-C66D-499d-BEAE-A2A79189A63A}=C:\WINDOWS\System32\mtlhmofk.dll [2007-05-13 14:06]
{F409000E-3BD1-4CDB-88D6-3830A3C0D862}=C:\WINDOWS\System32\mlljh.dll [2007-05-12 17:28]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"kX Mixer"="C:\\WINDOWS\\System32\\kxmixer.exe --startup"
"HP Software Update"="\"C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\""
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"DeadAIM"="rundll32.exe \"C:\\Program Files\\AIM\\\\DeadAIM.ocm\",ExportedCheckODLs"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-10-22 13:22]
"nwiz"="nwiz.exe" [2006-10-22 13:22 C:\WINDOWS\system32\nwiz.exe])
"kX Mixer"="C:\WINDOWS\System32\kxmixer.exe" [2004-02-16 18:19]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 14:38]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 16:18]
"DeadAIM"="C:\Program Files\AIM\\DeadAIM.ocm" [2003-02-24 17:11]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 16:07]
"NvMediaCenter"="NvMCTray.dll" [2006-10-22 13:22 C:\WINDOWS\system32\nvmctray.dll])
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2002-08-29 06:41]
"Steam"="" [])
"Kkjx"="C:\Program Files\??mbols\r?gedit.exe" []
"Mcti"="C:\PROGRA~1\PPPATC~1\ntvdm.exe" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Steam"=""
"Kkjx"="\"C:\\Program Files\\??mbols\\r?gedit.exe\""
"Mcti"="\"C:\\PROGRA~1\\PPPATC~1\\ntvdm.exe\" -vt ndrv"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispAppearancePage"=dword:00000000
"NoColorChoice"=dword:00000000
"NoSizeChoice"=dword:00000000
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoVisualStyleChoice"=dword:00000000
"NoDispSettingsPage"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktopChanges"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSaveSettings"=dword:00000000
"NoThemesTab"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]


HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlljh

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages msv1_0\0\0
Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages scecli\0\0




[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService DnsCache\0\0
rpcss RpcSs\0\0
imgsvc StiSvc\0\0
termsvcs TermService\0\0

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost


~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20070512-224627-785
O4 - HKLM\..\Run: [RunOnce2Upd] "C:\WINDOWS\System32\KB_963493.exe"

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-13 14:07:22
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 2007-05-13 14:07:51 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-05-13 14:07

uninstall_list

ABC (remove only)
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Reader 8
Adobe SVG Viewer 3.0
AOL Instant Messenger
DeadAIM
GG E-Sports Platform
Google Earth
HijackThis 1.99.1
HP Image Zone 4.2
HP PSC & OfficeJet 4.2
HP Software Update
iTunes
J2SE Runtime Environment 5.0 Update 10
Last.fm 1.1.3.0
Microsoft .NET Framework 1.1
mIRC
Mozilla Firefox (2.0.0.2)
Mozilla Firefox (2.0.0.3)
Natural Selection 3.2
NVIDIA Drivers
QuickTime
Spybot - Search & Destroy 1.4
Steam
Ventrilo Client
VideoLAN VLC media player 0.8.6a
Viewpoint Media Player
WC3Banlist
Windows Installer 3.1 (KB893803)
Windows XP Service Pack 1a
WinRAR archiver

Logfile of HijackThis v1.99.1
Scan saved at 2:09:32 PM, on 5/13/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\kxmixer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\notepad.exe
C:\Documents and Settings\zach\Desktop\scanner.exe

O2 - BHO: (no name) - {E2EE5C44-C66D-499d-BEAE-A2A79189A63A} - C:\WINDOWS\System32\mtlhmofk.dll
O2 - BHO: (no name) - {F409000E-3BD1-4CDB-88D6-3830A3C0D862} - C:\WINDOWS\System32\mlljh.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe --startup
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Kkjx] "C:\Program Files\??mbols\r?gedit.exe"
O4 - HKCU\..\Run: [Mcti] "C:\PROGRA~1\PPPATC~1\ntvdm.exe" -vt ndrv
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O20 - Winlogon Notify: mlljh - C:\WINDOWS\System32\mlljh.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Thanks to Atribune and any others who helped with this fix.

Please understand these hackers can call there junk anything they wish. Vundofix may not know the files at first, but it will learn. You want to run the fix until you see all Vundo files say: "Has been deleted"

Please download VundoFix.exe (http://www.atribune.org/ccount/click.php?id=4) to your desktop
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.
Please post the contents of C:\vundofix.txt and a new HiJackThislogin a reply to this thread.Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.

If there is a file VundoFix doesn't find we need it submitted. Please submit
the files to upload malware http://www.uploadmalware.com

Thanks

VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.10

Scan started at 2:49:55 PM 5/13/2007

Listing files found while scanning....

C:\WINDOWS\System32\hjllm.bak1
C:\WINDOWS\System32\hjllm.bak2
C:\WINDOWS\System32\hjllm.ini
C:\WINDOWS\System32\hjllm.ini2
C:\WINDOWS\System32\hjllm.tmp
C:\WINDOWS\System32\mlljh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\System32\hjllm.bak1
C:\WINDOWS\System32\hjllm.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\System32\hjllm.bak2
C:\WINDOWS\System32\hjllm.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\System32\hjllm.ini
C:\WINDOWS\System32\hjllm.ini Has been deleted!

Attempting to delete C:\WINDOWS\System32\hjllm.ini2
C:\WINDOWS\System32\hjllm.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\System32\hjllm.tmp
C:\WINDOWS\System32\hjllm.tmp Has been deleted!

Attempting to delete C:\WINDOWS\System32\mlljh.dll
C:\WINDOWS\System32\mlljh.dll Has been deleted!

Performing Repairs to the registry.
Done!








Logfile of HijackThis v1.99.1
Scan saved at 2:57:23 PM, on 5/13/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\kxmixer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\zach\Desktop\scanner.exe

O2 - BHO: (no name) - {E2EE5C44-C66D-499d-BEAE-A2A79189A63A} - C:\WINDOWS\System32\mtlhmofk.dll
O2 - BHO: (no name) - {F409000E-3BD1-4CDB-88D6-3830A3C0D862} - C:\WINDOWS\System32\mlljh.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe --startup
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WindowsUpdate] rundll32.exe "C:\WINDOWS\System32\ainwpnun.dll",realset
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Kkjx] "C:\Program Files\??mbols\r?gedit.exe"
O4 - HKCU\..\Run: [Mcti] "C:\PROGRA~1\PPPATC~1\ntvdm.exe" -vt ndrv
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

See this: http://forums.spybot.info/showpost.php?p=12880&postcount=2
C:\Program Files\Java\jre1.5.0_10\ <<< update your Java then uninstall this old version. Check your Java scheduler when time permits, it is running any appears it is not working. The scheduler is buggy, personally I turn it off and update manually.


1) How to make files and folders visible:
Click Start > Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm. Click OK.
You may reverse this for safety when we are finished.

2) Please download ATF Cleaner by Atribune
http://www.atribune.org/content/view/25/2/
Save it to your Desktop. We will use this later.

3) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

O2 - BHO: (no name) - {E2EE5C44-C66D-499d-BEAE-A2A79189A63A} - C:\WINDOWS\System32\mtlhmofk.dll
O2 - BHO: (no name) - {F409000E-3BD1-4CDB-88D6-3830A3C0D862} - C:\WINDOWS\System32\mlljh.dll (file missing)
O4 - HKLM\..\Run: [WindowsUpdate] rundll32.exe "C:\WINDOWS\System32\ainwpnun.dll",realset
O4 - HKCU\..\Run: [Kkjx] "C:\Program Files\??mbols\r?gedit.exe"

Close all programs but HJT and all browser windows, then click on "Fix Checked"

4) RIGHT Click on Start then click on Explore. Locate and delete these items:

C:\Program Files\??mbols\ <<< delete that folder

C:\WINDOWS\System32\ainwpnun.dll <<< delete that file

( that file gives you trouble, then use this tool to kill it)
How to use the Delete on Reboot tool http://www.bleepingcomputer.com/tutorials/tutorial42.html#delreb

5) Run ATF Cleaner
Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.

Restart the computer and post a new HJT log, let me know how the computer is running.

Thanks

I am unable to locate this folder to delete it, is it possible that it has already been deleted?

C:\Program Files\??mbols\

I skipped deleting the "??mbols" folder, ran the ATF Cleaner, and rebooted my PC, heres the new log

Logfile of HijackThis v1.99.1
Scan saved at 4:10:05 PM, on 5/13/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\kxmixer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\zach\Desktop\scanner.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe --startup
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Mcti] "C:\PROGRA~1\PPPATC~1\ntvdm.exe" -vt ndrv
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

I am unable to locate this folder to delete it, is it possible that it has already been deleted?
C:\Program Files\??mbols\Yes, it is very possible it only remained in the HJT log and just needed removed. At this point I can see no malware in the HJT log. Since this was such a nasty infection, I would like to run one more scan to look for possible hidden malware. Once that is done and we clean the System Restore files, I suggest you download SP2 at that point.

Follow the instructions in this link to download, install, update and run AVG Anti-Spyware, delete or quarantine anything it finds and post the scan report. http://forums.security-central.us/showthread.php?t=3165

Thanks

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:00:33 PM 5/13/2007

+ Scan result:



C:\QooBox\Quarantine\C\WINDOWS\system32\lymagwoa.dll.vir -> Adware.BHO : No action taken.
C:\QooBox\Quarantine\C\Program Files\Outerinfo\OiUninstaller.exe.vir -> Adware.PurityScan : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP103\A0023831.exe -> Adware.PurityScan : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP94\A0017866.dll -> Adware.PurityScan : No action taken.
C:\WINDOWS\system32\bilq.dll -> Adware.PurityScan : No action taken.
C:\WINDOWS\b136.exe -> Adware.Softomate : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxursr.dll.vir -> Adware.Virtumonde : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP95\A0018200.exe -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP95\A0018201.dll -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP95\A0018202.dll -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP95\A0018209.exe -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP95\A0018210.dll -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP95\A0018211.dll -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP98\A0018340.exe -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP98\A0018341.dll -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP98\A0018342.exe -> Adware.WebHancer : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP99\A0018349.dll -> Adware.WebHancer : No action taken.
C:\WINDOWS\b129.exe -> Adware.WebHancer : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\ip6fw.sys.vir -> Backdoor.Bulknet : No action taken.
C:\Program Files\AIM\uq.exe -> Downloader.Agent.bls : No action taken.
C:\Program Files\Mozilla Firefox\uq.exe -> Downloader.Agent.bls : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\retadpu72.exe.vir -> Downloader.Agent.bls : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP101\A0018679.exe -> Downloader.Agent.bls : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP96\A0018285.exe -> Downloader.Agent.bls : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\winupd_KB93736873.exe.vir -> Downloader.Agent.bnf : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP103\A0023832.exe -> Downloader.PurityScan.ee : No action taken.
C:\Program Files\AIM\xz.exe -> Downloader.PurityScan.eg : No action taken.
C:\Program Files\Mozilla Firefox\xz.exe -> Downloader.PurityScan.eg : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP94\A0017871.exe -> Downloader.PurityScan.eg : No action taken.
C:\WINDOWS\b104.exe -> Downloader.Small.buy : No action taken.
C:\WINDOWS\system32\fs6ehnf8jd.dll -> Downloader.Small.ddx : No action taken.
C:\Program Files\Common Files\umum\umumd\vocabulary -> Downloader.TSUpdate.j : No action taken.
C:\WINDOWS\b103.exe -> Downloader.TSUpdate.o : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\rpcc.exe.vir -> Proxy.Dlena.ad : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\winupd_KB50712874.exe.vir -> Proxy.Wopla.ag : No action taken.
C:\QooBox\Quarantine\catchme2007-05-13_140552.31.zip/koos.exe -> Proxy.Wopla.ag : No action taken.
C:\QooBox\Quarantine\catchme2007-05-13_140552.31.zip/poof -> Proxy.Wopla.ag : No action taken.
C:\QooBox\Quarantine\C\Documents and Settings\All Users\Documents\Settings\partnership.dll.vir -> Proxy.Xorpix.ar : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\main.sys.vir -> Rootkit.Agent.el : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\ksys.sys.vir -> Rootkit.NtRootKit : No action taken.
:mozilla.221:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.100:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.102:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.103:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.26:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.27:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.28:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.29:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.300:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.301:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.30:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.31:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.32:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.33:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.34:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.35:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.36:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.37:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.385:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.38:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.39:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.40:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.41:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.42:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.43:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.442:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.44:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.45:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.46:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.474:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.478:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.47:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.48:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.49:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.508:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.50:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.51:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.52:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.53:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.54:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.55:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.56:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.57:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.58:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.592:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.59:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.60:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.61:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.62:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.63:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.64:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.65:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.66:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.679:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.67:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.68:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.69:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.70:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.71:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.727:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.72:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.733:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.73:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.73:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.74:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.74:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.75:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.76:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.77:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.78:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.79:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.80:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.81:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.82:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.82:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.83:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.84:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.85:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.86:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.87:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.88:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.891:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.89:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.90:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.91:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.92:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.93:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.94:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.95:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.96:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.97:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.98:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.99:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.242:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.243:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.300:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.301:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.302:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.303:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.772:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.773:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.248:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.279:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.286:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.48:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.49:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.50:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.51:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.52:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.53:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.54:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.166:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.167:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.168:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.169:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.170:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.18:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.21:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.23:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.30:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\zach\Cookies\zach@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.22:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.88:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.431:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Bfast : No action taken.
:mozilla.605:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.258:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.265:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.271:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.789:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.790:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.304:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Burstbeacon : No action taken.
:mozilla.897:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Burstbeacon : No action taken.
:mozilla.294:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.295:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.296:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.782:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.783:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.312:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.313:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.314:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.315:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.329:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.153:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.356:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.555:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.332:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.333:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.334:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.335:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.38:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.89:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\zach\Cookies\zach@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.388:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Enhance : No action taken.
:mozilla.640:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.244:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.245:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.246:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.703:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.704:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.281:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.311:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.284:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.285:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.181:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Findwhat : No action taken.
C:\WINDOWS\system32\config\systemprofile\Cookies\system@findwhat[1].txt -> TrackingCookie.Findwhat : No action taken.
:mozilla.220:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.239:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.292:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.402:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.602:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.623:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.651:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.665:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.676:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.688:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.714:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.717:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.718:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.75:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.916:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.917:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.918:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.132:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.140:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.141:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.144:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.145:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.14:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.6:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.716:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.724:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.725:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.727:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.758:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.759:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.760:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.761:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.762:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.7:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.403:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.747:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.455:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.456:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.479:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.480:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.632:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Info : No action taken.
:mozilla.633:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Info : No action taken.
:mozilla.840:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Information : No action taken.
:mozilla.631:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Intelli-direct : No action taken.
:mozilla.494:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Ivwbox : No action taken.
:mozilla.316:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.317:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.318:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.350:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.351:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.352:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.399:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.400:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.401:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.559:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.560:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.667:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.668:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.812:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.813:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.829:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.830:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.831:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.832:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.833:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.841:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.842:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.843:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.845:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.846:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.847:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.927:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.928:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.221:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Matchcraft : No action taken.
:mozilla.222:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Matchcraft : No action taken.
:mozilla.223:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Matchcraft : No action taken.
:mozilla.224:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Matchcraft : No action taken.
:mozilla.225:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Matchcraft : No action taken.
:mozilla.129:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.359:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.360:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.854:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.855:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.114:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.115:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.116:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.117:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Overture : No action taken.

:mozilla.180:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.85:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.86:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.87:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Overture : No action taken.
C:\WINDOWS\system32\config\systemprofile\Cookies\system@overture[1].txt -> TrackingCookie.Overture : No action taken.
:mozilla.645:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Paypal : No action taken.
:mozilla.958:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Paypal : No action taken.
:mozilla.193:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.195:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.196:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.197:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.198:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.249:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.250:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.251:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.252:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.253:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.109:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Pro-market : No action taken.
:mozilla.110:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Pro-market : No action taken.
:mozilla.165:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.166:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.167:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.240:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.241:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.435:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.436:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.437:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.438:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.439:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.635:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.636:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.637:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.638:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.639:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.640:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.641:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.642:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.643:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.644:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.871:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Realtracker : No action taken.
:mozilla.118:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.119:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.125:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.126:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.128:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.649:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.771:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.175:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.176:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.177:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.178:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.179:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.180:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.181:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.182:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.183:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.259:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.777:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.90:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.91:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.92:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.93:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.94:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.95:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.96:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.97:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.98:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.99:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.168:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.169:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.170:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.171:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.172:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.174:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.202:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.203:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.204:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.205:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.206:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.207:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.293:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.528:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.529:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.530:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.531:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.532:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.533:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.658:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.659:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.660:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.661:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.662:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.206:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.207:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.208:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.210:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.213:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.214:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.215:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.216:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.217:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.218:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.219:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.277:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.278:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.282:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.287:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.438:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Starware : No action taken.
:mozilla.439:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Starware : No action taken.
:mozilla.863:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Starware : No action taken.
:mozilla.858:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.860:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.862:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.863:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.306:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.307:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.308:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.309:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.310:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.434:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.690:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.691:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.692:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.783:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.19:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.20:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.244:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.245:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.246:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.247:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.248:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.249:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.24:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.250:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.251:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.252:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.25:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.26:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.27:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.28:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.29:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.243:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.63:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.64:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.617:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.189:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Webtrends : No action taken.
:mozilla.821:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.273:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.274:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.275:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.276:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.41:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.42:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.43:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.46:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.47:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.203:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.204:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.205:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.211:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.212:C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\42zfj4vh.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.280:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.281:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.283:C:\Documents and Settings\mom\Application Data\Mozilla\Firefox\Profiles\526calv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\wsys.dll.vir -> Trojan.Pakes : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP102\A0019815.dll -> Trojan.Pakes : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP102\A0020826.dll:fork2 -> Trojan.Pakes : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP103\A0021826.dll:fork2 -> Trojan.Pakes : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP103\A0022826.dll:fork2 -> Trojan.Pakes : No action taken.
C:\WINDOWS\system32\ws2_32.dll:fork2 -> Trojan.Pakes : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP101\A0018633.exe -> Trojan.Rond : No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\wapisvcc.exe.vir -> Trojan.Small : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP94\A0017867.exe -> Trojan.Small : No action taken.
C:\System Volume Information\_restore{A0E84C9B-6235-43CD-BF83-18A8013F9855}\RP98\A0018336.vbs -> Trojan.Small : No action taken.
C:\WINDOWS\emFjaA\yAI3uE.vbs -> Trojan.Small : No action taken.


::Report end

Follow the instructions in this link to download, install, update and run AVG Anti-Spyware, delete or quarantine anything it finds and post the scan report.

I specified to delete or quarantine anything you found?

Before you run it again, do this:

1) C:\QooBox\ <<< delete this and any other combofix files from your computer.
Also remove Vundofix.

2) http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?Open&src=sec_doc_nam
Same instructions:
Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Reboot

Turn ON System Restore,
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

3) Delete all cookies in Firefox:
http://mozilla.gunnars.net/firefox_help_firefox_cookie_tutorial.html
http://privacy.getnetwise.org/browsing/tools/firefox1/ffdisablecookies
http://www.mozilla.org/projects/security/pki/psm/help_21/using_priv_help.html

Especially check:
C:\Documents and Settings\zach\Application Data\Mozilla\Firefox\Profiles\ <<< in this folderall appear to be in Zack and Mom profiles.

Once that is done, then restart the computer and run AVG Anti-Spyware again and this time DELETE or QUARANTINE anything it finds and post the scan report.

this is the second report

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:04:48 PM 5/13/2007

+ Scan result:



C:\WINDOWS\system32\bilq.dll -> Adware.PurityScan : Cleaned.
C:\WINDOWS\b136.exe -> Adware.Softomate : Cleaned.
C:\WINDOWS\b129.exe -> Adware.WebHancer : Cleaned.
C:\Documents and Settings\zach\Cookies\zach@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.


::Report end

Looks good :bigthumb: You will want to review this information:
http://www.microsoft.com/windowsxp/downloads/updates/sp2/cdorder/en_us/default.mspx
http://www.microsoft.com/windowsxp/sp2/sp2_whattoknow.mspx
http://www.microsoft.com/windowsxp/sp2/sysreqs.mspx
The CD used to be free but I believe they charge for it now. You must update to SP#2, you cannot download the critical updates until you do:
http://www.microsoft.com/windows/support/endofsupport.mspx

You can download online at Windows updates: Internet Explorer > Tools > Windows Updates. If you have any problems downloading SP#2 you can get help here: http://support.microsoft.com/

AVG Anti-Spyware is a good program but it does use some resources. Once the trial is over you can update and use the scanner for as long as you wish, but unless you purchase it you should turn it off completely so it does not run unless you start it manually.

Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.

Thank you so much! This means a great deal to me, especially since its mothers day. I would have gotten nowhere without your help. Thank you!

As the problem appears to be resolved this topic has been closed.

If you need it re-opened please send me or a forum staff member a private message (pm) and provide a link to the thread; this applies only to the original topic starter.

Anyone else with similar problems please start a new topic.

Thanks