Unsolved
This post is more than 5 years old
30 Posts
0
1600
HiJackThis log -win32/vmalum.aom & win32/zquest.e
Hello. Everytime I start my computer my anti-virus pops up telling me I'm infected with
win32/vmalum.aom 83122.exe
win32/zquest. tk58[1].
win32/zquest. tk58[1].
here is my log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:42:39 AM, on 8/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Scan saved at 5:42:39 AM, on 8/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\mefese22011.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\mefese22011.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mefese] C:\Program Files\Messenger\mefese22011.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://lycosmail.lycos.com/hanmail-ax/AttachMail.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mefese] C:\Program Files\Messenger\mefese22011.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://lycosmail.lycos.com/hanmail-ax/AttachMail.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
--
End of file - 9351 bytes
End of file - 9351 bytes
Bugbatter
20.5K Posts
0
August 26th, 2007 13:00
Reboot into Safemode:
Turn on the computer.
Immediately begin tapping the F8 key.
Use the arrow keys to highlight Safe Mode and press the Enter key. Have your resident anti-virus scan and see if it will quarantine the infection. There have been other reports of this one showing up today from others using Yahoo's anti-virus. Therefore, just to be sure it is not a false positive, leave it in quarantine for a week or so until you delete it for good.
Following that, please upload/scan this file in question here: http://virusscan.jotti.org/
C:\Program Files\Messenger\ mefese22011.exe
You may have to click on Projects (only if the homepage comes up) and then online Malware Scan to access the virus scan page.
If you are at a black page with the title "Online malware scan", you are in the right place.
Click "Browse..." and navigate to the (bad file> show path)
Click "Open" and then "Submit"
It will take a couple seconds and then the results should be lower on the page. Please copy the information from "File:" down to "Norman Virus Control" and post it in your next reply.
Also include a fresh Hijackthis log. Let me know if your anti-virus was able to move the bad files to quarantine.
Message Edited by Bugbatter on 08-26-2007 10:01 AM
swingman13
30 Posts
0
August 27th, 2007 04:00
Scanner Malware name A-Squared Trojan-Downloader.Win32.Tiny.id AntiVir TR/Click.Agent.NP ArcaVir Trojan.Downloader.Tiny.Id Avast Win32:Tiny-IF AVG Antivirus Downloader.Generic4.ZQI BitDefender Trojan.Clicker.Agent.NP ClamAV Trojan.Downloader-10686 CPsecure Troj.Downloader.W32.Tiny.id Dr.Web Trojan.Click.2799 F-Prot Antivirus W32/Downldr2.AJXG F-Secure Anti-Virus Trojan-Downloader.Win32.Tiny.id Fortinet W32/Tiny.ID!tr.dldr Kaspersky Anti-Virus Trojan-Downloader.Win32.Tiny.id NOD32 probably a variant of Win32/TrojanDownloader.Small Norman Virus Control W32/Tiny.AHW Panda Antivirus Trj/Downloader.PCQ Rising Antivirus Trojan.DL.Win32.Tiny.id Sophos Antivirus Troj/Dloadr-BCZ VirusBuster Trojan.DL.Tiny.IH VBA32 Trojan.Click.2799
swingman13
30 Posts
0
August 27th, 2007 04:00
Scan saved at 10:26:52 PM, on 8/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\mefese22011.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mefese] C:\Program Files\Messenger\mefese22011.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://lycosmail.lycos.com/hanmail-ax/AttachMail.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
End of file - 8981 bytes
swingman13
30 Posts
0
August 27th, 2007 06:00
A few things I think you should know. Before all this happened That 2006 WinAntiVirus tried to install to my computer and I cancelled it. Also that Webbuying prgram was on my computer and I removed it before coming to this forum. From reading other post I felt it was important to mention that.
Message Edited by swingman13 on 08-27-2007 04:17 AM
Message Edited by swingman13 on 08-28-2007 12:24 AM
swingman13
30 Posts
0
August 29th, 2007 03:00
Message Edited by swingman13 on 08-28-2007 11:33 PM
Bugbatter
20.5K Posts
0
August 30th, 2007 15:00
Bugbatter
20.5K Posts
0
August 30th, 2007 15:00
We need to disable your Microsoft Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.
* Open Microsoft Windows Defender. Click Start, Programs, Windows Defender
* Click on Tools, General Settings
* Under Real-time protection options, deselect the Turn on real-time protection check box
* Click Save
After all of the fixes are complete it is very important that you enable Real-time Protection again.
Please launch HijackThis and place a checkmark next to the following;
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
O4 - HKLM\..\Run: [mefese] C:\Program Files\Messenger\mefese22011.exe
Close all windows except HijackThis and click "Fix Checked".
Reboot into Safemode:
Turn on the computer.
Immediately begin tapping the F8 key.
Use the arrow keys to highlight Safe Mode and press the Enter key.
Configure to show all files/folders:
Go to Start>Search and at the top select Tools>Folder Options
Select the View tab
Display the contents of system folders
Show hidden files and folders
Uncheck: Hide protected operating system files
Click on Apply.
Next go to the side of the Search box and select All files and folders. Go down to More advanced options.
Be sure the first three boxes are selected:
Search System folders
Search Hidden Files and folders
Search SubFolders
Delete this file:
C:\Program Files\Messenger\ mefese22011.exe -- FILE
Reboot normally.
Rehide files:
Start>Search and at the top select Tools>Folder Options
Select the View tab
Display the contents of system folders
Show hidden files and folders
Check: Hide protected operating system files
Click on Apply.
Download SUPERAntiSpyware Free for Home Users
Double-click the icon to launch Super Anti-Spyware.
swingman13
30 Posts
0
August 30th, 2007 15:00
swingman13
30 Posts
0
August 30th, 2007 16:00
Bugbatter
20.5K Posts
0
August 30th, 2007 17:00
swingman13
30 Posts
0
August 30th, 2007 19:00
http://www.superantispyware.com
Trace Rules Database Version: 1305
Total Scan Time : 02:07:00
Memory threats detected : 0
Registry items scanned : 6572
Registry threats detected : 0
File items scanned : 100743
File threats detected : 583
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adrevolver[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-hollywoodmedia.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@reduxads.valuead[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@pornotube[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@edge.ru4[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@nextag[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.ez-tracks[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@bluestreak[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@anad.tacoda[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@apmebf[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@trafficmp[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@S134168[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.pointroll[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@statse.webtrendslive[4].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.addynamix[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tacoda[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@view.atdmt[5].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@anat.tacoda[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@fastclick[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sec1.liveperson[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@microsoftwga.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@dist.belnk[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tradedoubler[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.burstbeacon[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-ifilm.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@stalkertrack[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@247realmedia[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.k8l[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@fortunecity[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adlegend[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-digg.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@image.masterstats[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adultdvdmovies[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adinterax[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.clickmanage[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.adultdvdmovies[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@entrepreneur.us.intellitxt[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-maniatv.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@clickbank[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@2o7[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@revsci[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@cgi-bin[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad1.clickhype[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@kanoodle[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@stats1.clicktracks[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@onlinerewardcenter[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.as4x.tmcs[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tracker.myspacemaps[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.videosdesexe[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@counter6.sextracker[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@stat.onestat[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.adult-pornstar-mall[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@dynamicsexlife[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@CAJ1232C.txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@perfectpornstars[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@artikochef.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@xiti[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad2.bannerbank[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@zedo[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@targetnet[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@S148329[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@as1.falkag[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@b s.serving-sys[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tribalfusion[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@maxserving[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@precisionclick[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@doubleclick[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adknowledge[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@citi.bridgetrack[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@roiservice[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@20423[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@questionmarket[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tripod[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@admarketplace[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.stephensmedia[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@snapfish.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.yieldmanager[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-bestbuy.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.entrepreneur[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@exitexchange[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@z1.adserver[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@microsofteup.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@data2.perf.overture[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@imrworldwide[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@mediaplex[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@perf.overture[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@data4.perf.overture[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@network.realmedia[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@entrepreneur[2].txt
swingman13
30 Posts
0
August 30th, 2007 19:00
Scan saved at 1:06:47 PM, on 8/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://lycosmail.lycos.com/hanmail-ax/AttachMail.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
End of file - 8992 bytes
swingman13
30 Posts
0
August 30th, 2007 19:00
Message Edited by swingman13 on 08-30-2007 03:03 PM
swingman13
30 Posts
0
August 30th, 2007 19:00
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@screensavers[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@indexstats[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@thatsmyad.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@hypertracker[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@try.screensavers[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sexlist[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@pro-market[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.nielsenmedia[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sitestat.mayoclinic[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@offers.cmitracking[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adserver.conjelco[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@networksolutions.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-lifetimeentertainment.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad2.adnetinteractive[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@yourxxxsites[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@web-stat[3].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@list[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@komtrack[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.interepads[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@c5.zedo[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@stats1.reliablestats[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.googleadservices[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@server.iad.liveperson[9].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.interclick[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@beersex[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@mediamall.wireless.att[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.adocean[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adultfriendfinder[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tracking.exclusivenet[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@counter.search[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.top-banners[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@toseeka[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adserver.easyad[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@indextools[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@view.atdmt[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.googleadservices[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sitestat.mayoclinic[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.espn.adsonar[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.glispa[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@e-2dj6wjkycgcjgdp.stats.esomniture[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sec1.liveperson[3].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.webstat[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sexreactor[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@stats.adbrite[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@mediatraffic[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.entrepreneurenespanol[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sales.liveperson[5].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-pharmacia.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.googleadservices[3].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@gcc-06.googleadservices[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@publishers.clickbooth[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@shortmedia.us.intellitxt[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sexualkey[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@winantispyware[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@interclick[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@server.iad.liveperson[5].txt
C:\Documents and Settings\Guest\Cookies\guest@112.2o7[2].txt
C:\Documents and Settings\Guest\Cookies\guest@2o7[1].txt
C:\Documents and Settings\Guest\Cookies\guest@ad.xplusone[2].txt
C:\Documents and Settings\Guest\Cookies\guest@ad.yieldmanager[2].txt
C:\Documents and Settings\Guest\Cookies\guest@adopt.euroclick[2].txt
C:\Documents and Settings\Guest\Cookies\guest@ads.as4x.tmcs[2].txt
C:\Documents and Settings\Guest\Cookies\guest@ads.espn.adsonar[1].txt
C:\Documents and Settings\Guest\Cookies\guest@ads.pointroll[2].txt
C:\Documents and Settings\Guest\Cookies\guest@adserving.cpxinteractive[2].txt
C:\Documents and Settings\Guest\Cookies\guest@advertising[2].txt
C:\Documents and Settings\Guest\Cookies\guest@apmebf[1].txt
C:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt
C:\Documents and Settings\Guest\Cookies\guest@casalemedia[2].txt
C:\Documents and Settings\Guest\Cookies\guest@counter4.sextracker[2].txt
C:\Documents and Settings\Guest\Cookies\guest@counter5.sextracker[1].txt
C:\Documents and Settings\Guest\Cookies\guest@cs.sexcounter[2].txt
C:\Documents and Settings\Guest\Cookies\guest@doubleclick[2].txt
C:\Documents and Settings\Guest\Cookies\guest@edge.ru4[2].txt
C:\Documents and Settings\Guest\Cookies\guest@ehg-dig.hitbox[2].txt
C:\Documents and Settings\Guest\Cookies\guest@fastclick[1].txt
C:\Documents and Settings\Guest\Cookies\guest@hitbox[2].txt
C:\Documents and Settings\Guest\Cookies\guest@image.masterstats[1].txt
C:\Documents and Settings\Guest\Cookies\guest@imrworldwide[2].txt
C:\Documents and Settings\Guest\Cookies\guest@mediaplex[2].txt
C:\Documents and Settings\Guest\Cookies\guest@perf.overture[1].txt
C:\Documents and Settings\Guest\Cookies\guest@precisionclick[2].txt
C:\Documents and Settings\Guest\Cookies\guest@questionmarket[2].txt
C:\Documents and Settings\Guest\Cookies\guest@realmedia[2].txt
C:\Documents and Settings\Guest\Cookies\guest@richmedia.yahoo[1].txt
C:\Documents and Settings\Guest\Cookies\guest@sextracker[1].txt
C:\Documents and Settings\Guest\Cookies\guest@statse.webtrendslive[1].txt
C:\Documents and Settings\Guest\Cookies\guest@trafficmp[1].txt
C:\Documents and Settings\Guest\Cookies\guest@tribalfusion[2].txt
C:\Documents and Settings\Guest\Cookies\guest@www.afterhourteens[1].txt
C:\Documents and Settings\Guest\Cookies\guest@www.bravoteens[1].txt
C:\Documents and Settings\Guest\Cookies\guest@zedo[1].txt
C:\Documents and Settings\Jimmymonti\Local Settings\Temp\Cookies\jimmymonti@a.websponsors[2].txt
C:\Documents and Settings\Jimmymonti\Local Settings\Temp\Cookies\jimmymonti@advertising[1].txt
C:\Documents and Settings\Jimmymonti\Local Settings\Temp\Cookies\jimmymonti@atdmt[2].txt
C:\Documents and Settings\Jimmymonti\Local Settings\Temp\Cookies\jimmymonti@doubleclick[1].txt
C:\Documents and Settings\Jimmymonti\Local Settings\Temp\Cookies\jimmymonti@questionmarket[1].txt
C:\Documents and Settings\Jimmymonti\Local Settings\Temp\Cookies\jimmymonti@servedby.advertising[2].txt
C:\Documents and Settings\Jimmymonti\Local Settings\Temp\Cookies\jimmymonti@zedo[1].txt
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WILDTANGENT\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{26D2C2C3-CF14-4ED7-B1FC-0BE64AFBA3B3}.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WILDTANGENT\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6293BC00-4EB8-4C65-8548-53E2FC3BF937}.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WILDTANGENT\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{651956B7-1969-42AA-9453-E0B813019D54}.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WILDTANGENT\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA}.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WILDTANGENT\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{989E4C3B-B2C9-4486-9A09-D5A8F953837C}.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WILDTANGENT\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C2D8F0E2-6978-4409-8351-BA8785DA11EE}.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WILDTANGENT\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{D1A6F3FD-7B40-443F-8767-BADB25A0D222}.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WILDTANGENT\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{E0814F95-5380-4892-B8C8-7FA4B349EF46}.EXE
C:\RECYCLER\S-1-5-21-2442203461-4014105696-2272063204-1005\DC3.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP303\A0029883.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP304\A0029958.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP304\A0029959.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP304\A0029978.EXE
swingman13
30 Posts
0
August 30th, 2007 19:00
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tracker.wholinked[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@brightcove.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-sportingbet.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.adrevolver[9].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-globalgamingleague.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@click.porngurus[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@blockbuster.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.smartadserver[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@server.iad.liveperson[3].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.adultrental[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@toplist[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.pno[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@track.bestbuy[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@proelite.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@nytix.freestats[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@clicksor[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ecnext.advertserve[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-eline.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@azoogleads[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@mytrackerspace[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@105-bmp.googleadservices[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.49media[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adultswim[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@members.tripod[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@max.queerclick[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@usatoday1.112.2o7[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.adrevolver[11].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media-general[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.egotastic[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tracking.pinnaclesports[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.statspage[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-darden.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@realworldseduction.directtrack[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.adultswim[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.belointeractive[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@tracking.foxnews[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@persianpride14.tripod[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@harpo.122.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@i.screensavers[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-zoom.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-youtube.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@masteryoursexlife[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@53320982[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.mediamayhemcorp[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@qnsr[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@click.mgg01[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.yourdailymedia[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@web-stat[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.gayot[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@server.iad.liveperson[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@valueclick[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@112.2o7[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick[10].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.adrevolver[4].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.injectnet[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@server.iad.liveperson[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick[7].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@audit.median[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@euros4click[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@67.15.239[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@newmediadriver[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-tigerdirect2.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.adrevolver[3].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.uk.tangozebra[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick[4].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.us.e-planning[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@redorbit.us.intellitxt[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@e-2dj6wfliknczglp.stats.esomniture[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@vhost.oddcast[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@3.adbrite[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@click-to-download[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@amaena[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adultadworld[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@cartoonnetwork.122.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@view.atdmt[3].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.adrevolver[10].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@specificclick[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media1.break[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick:emotion-29:.txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick[11].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.creotrack[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.adtrak[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.screensavers[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.fimnetwork[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-playboy.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick[5].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@hotlog[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-parademag.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-bmwna.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.shoutfile[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-veohnetworksinc.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ezzs.valueclick[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@counter9.sextracker[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.eagleinteractive[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.directnetadvertising[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@viavh1video.112.2o7[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@cf-db01.clickfacts[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@aff.primaryads[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www3.addfreestats[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@consumergain[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.zanox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.iconadserver[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@banner.brinkhurst[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@statse.webtrendslive[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.movieweb[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@e-2dj6wjnycpczkgo.stats.esomniture[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick:emotion-14:.txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@track.searchignite[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick[3].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-wildoats.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-twi.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-rr.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@planetout.122.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@elitenick[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-legacy.hitbox[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.internetisforporn[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@counter8.sextracker[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@warezlab[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-bskyb.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@clickshapers[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sales.liveperson[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.virginmedia[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@server.iad.liveperson:emotion-29:.txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-findlaw.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.mtvnservices[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@server.iad.liveperson:emotion-14:.txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@cpvfeed[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@realnetworks.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@viacomedycentralrl.112.2o7[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@rmbannerserver.agestado.com[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@richmedia.yahoo[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.onlineemedia[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.adbrite[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@prnewswire.122.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@partners.webmasterplan[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@view.atdmt[4].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@sexyshare[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@hearstmagazines.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@he.valueclick[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@counter2.sextracker[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.googleadservices[4].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ads.ookla[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@a.websponsors[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@leeenterprises.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@cgm.adbureau[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@lynxtrack[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-y2m.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adserver.dnevnik[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@redirect.clickshield[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@counter.inkfrog[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-hitent.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-salemwebnetworks.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@www.allrealitypass[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@2.adbrite[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@directtrack[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@CAJPGR5S.txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-foxsports.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@v7.stats.load[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ehg-crain.hitbox[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@newmotioninc.112.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@youporn[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@medianewsgroup[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@click.revenuepilot[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adserverb.conjelco[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@maxim.122.2o7[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@media.refreshads[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@e-2dj6wjk4cjcpobo.stats.esomniture[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@easy-hit-counters[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@ad.doubleclick[9].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@counter.surfcounters[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@soundtrackcollector[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@adsby.zwoops[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@clicktorrent[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@clicksfeed[2].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@counter7.sextracker[1].txt
C:\Documents and Settings\Jimmymonti\Cookies\jimmymonti@n479ad.doubleclick[1].txt