Logfile of HijackThis v1.99.1
Scan saved at 2:43:49 PM, on 5/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\taskswitch.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\sckkte.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLServiceHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Sasan\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.0.1:87
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.0.1;direcwaysupport.com
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: (no name) - {01B5BF6B-E699-4BD7-BEA1-786FA05B83AB} - C:\Program Files\AITwo\AdMediaPlugin.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {33C9C393-6661-07B1-5CA7-57AE79E8BBFE} - C:\WINDOWS\system32\hpngt.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {948A2A6D-CDD8-B35D-A0A1-97CB2B990A9A} - C:\WINDOWS\system32\vmsne.dll
O2 - BHO: BestOffers Shopping BHO - {F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} - C:\Program Files\TBONAS\TBONlchr.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: BestOffers Shopping v1.20 - {7FD44536-9DF0-4034-939F-5BD4D98E3187} - C:\Program Files\TBONAS\TBONlchr.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [30sC] C:\WINDOWS\ookfjq.exe
O4 - HKLM\..\Run: [AITwoUpdater] "C:\Program Files\AIUpdate\AIUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139965267\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [hjqbvl] C:\WINDOWS\system32\sckkte.exe r
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRA~1\PANICW~1\POP-UP~1\POPUPS~1.EXE"
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O20 - AppInit_DLLs: NVDESK32.DLL C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG6 Service (AvgServ) - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

BEFORE BEGINNING, Please read completely through the instructions below and download the files from the links provided. You may want to save or print out these instructions for easier reference.

First, download Ewido Security Suite (http://www.ewido.net/en/download/).

Next, download Lavasoft's Ad-Aware (http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html) and the VX2 Cleaner Plug-in (http://www.lavasoft.de/software/addons/vx2cleaner.shtml). Install Ad-Aware using the default options, then install vx2cleaner_inst.exe, taking all the defaults there as well.

Run Ad-Aware, update to the latest definitions, then click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK", then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.

Reboot your PC and run Ad-Aware again. This time, click on the Start button in Ad-Aware, select "Perform smart system scan" and click Next. Once the scan finishes, click "Next" again. Select all objects found (right click anywhere in the list of found objects and click "Select All Objects"). Click "Next" one more time, then "OK" to confirm the removal.

You will be prompted to set Ad-Aware to run on reboot, click "OK". Exit Ad-Aware and restart your PC once again.

When Ad-Aware starts up, click on "Start", then "Next". Follow the steps above if anything is found, or click "Finish", then exit Ad-Aware.

For a final cleanup, please install and run Ewido.
When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
From the main ewido screen, click on update in the left menu, then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update successful")
Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.


Please finish up by rebooting your system once more, and posting a new HijackThis log and the log from the Ewido scan.

thank you very much for your help!

here is the new hijackthis log and the ewido report. . .


Logfile of HijackThis v1.99.1
Scan saved at 12:09:19 PM, on 5/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\dajayyf.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLServiceHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Sasan\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.0.1:87
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.0.1;direcwaysupport.com
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {33C9C393-6661-07B1-5CA7-57AE79E8BBFE} - C:\WINDOWS\system32\hpngt.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {948A2A6D-CDD8-B35D-A0A1-97CB2B990A9A} - C:\WINDOWS\system32\vmsne.dll (file missing)
O2 - BHO: BestOffers Shopping BHO - {F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} - C:\Program Files\TBONAS\TBONlchr.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: BestOffers Shopping v1.20 - {7FD44536-9DF0-4034-939F-5BD4D98E3187} - C:\Program Files\TBONAS\TBONlchr.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [30sC] C:\WINDOWS\ookfjq.exe
O4 - HKLM\..\Run: [AITwoUpdater] "C:\Program Files\AIUpdate\AIUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139965267\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nestozc] C:\WINDOWS\system32\dajayyf.exe r
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRA~1\PANICW~1\POP-UP~1\POPUPS~1.EXE"
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O20 - AppInit_DLLs: NVDESK32.DLL C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG6 Service (AvgServ) - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:42:20 AM, 5/12/2006
+ Report-Checksum: 6528A040

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{01B5BF6B-E699-4BD7-BEA1-786FA05B83AB} -> Adware.Admedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3D782BB3-F2A5-11D3-BF4C-000000000000} -> Adware.ActivShopper : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7FD44536-9DF0-4034-939F-5BD4D98E3187} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\YSBactivex.Installer.1 -> Adware.YourSiteBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FD44536-9DF0-4034-939F-5BD4D98E3187} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01B5BF6B-E699-4BD7-BEA1-786FA05B83AB} -> Adware.Admedia : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bsto-1 -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup
HKLM\SOFTWARE\SearchRelevancy\Update -> Adware.SearchRelevancy : Cleaned with backup
HKLM\SOFTWARE\Windows ServeAd -> Adware.BlazeFind : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ZepMon -> Adware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-507921405-789336058-725345543-1004\Software\aurora -> Adware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-507921405-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00F1D395-4744-40F0-A611-980F61AE2C59} -> Adware.DrSearch : Cleaned with backup
HKU\S-1-5-21-507921405-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01B5BF6B-E699-4BD7-BEA1-786FA05B83AB} -> Adware.Admedia : Cleaned with backup
HKU\S-1-5-21-507921405-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FD44536-9DF0-4034-939F-5BD4D98E3187} -> Adware.Generic : Cleaned with backup
HKU\S-1-5-21-507921405-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5DE8ADB-4A69-4E56-96AB-823171C8E9D8} -> Adware.Generic : Cleaned with backup
[1392] C:\WINDOWS\system32\DrPMon.dll -> Trojan.Agent.db : Cleaned with backup
[2496] C:\WINDOWS\system32\vcvuld.exe -> Trojan.Agent.ay : Cleaned with backup
[172] C:\Program Files\AITwo\AdMediaPlugin.dll -> Adware.Apropos : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\14jjdy72.sasan\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.242:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.243:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.278:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.291:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\irzinld3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.283:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.311:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.316:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.357:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.374:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.378:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.379:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.380:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.395:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.396:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.397:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.398:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.399:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.401:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.402:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.423:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.425:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.434:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.444:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Sasan\Application

Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.459:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.460:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.463:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.464:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.486:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.514:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.519:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.592:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.593:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.601:C:\Documents and Settings\Sasan\Application Data\Mozilla\Firefox\Profiles\yn2cgjjb.fwe\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@abetterinternet[2].txt -> TrackingCookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@adorigin[2].txt -> TrackingCookie.Adorigin : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@ads.euniverseads[1].txt -> TrackingCookie.Euniverseads : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@cliks[2].txt -> TrackingCookie.Cliks : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@data1.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@data3.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@h.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@pch.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@www.ysbweb[2].txt -> TrackingCookie.Ysbweb : Cleaned with backup
C:\Documents and Settings\Sasan\Cookies\sasan@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Sasan\Desktop\hijackthis\backups\backup-20060509-144735-956.dll -> Adware.ActivShopper : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\!update.exe -> Downloader.PurityScan.be : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\AEW\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\AGE\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\APE\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\APY\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\ATU\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\BGV\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\BIO\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\CBM\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\CDF\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\CDW\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\CKE\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\CMO\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\COW\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\CXQ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\DDH\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\DDJ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\DHX\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\DJA\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\DJY\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\EHZ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\EJU\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\ELT\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\ELX\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\EWG\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\EWZ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\FAC\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\FRM\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\GLF41GLF41.EXE -> Downloader.TSUpdate.f : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\GRB\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\GXS\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\HKR\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\HMK\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\HXM\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\HXO\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\IBV\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\IDF\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\IHM\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\ISF\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\JAA\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\JHD\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\JHQ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\JHX\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\JND\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\JUL\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\JWX\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\KEH\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\KEU\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\KLR\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\KLT\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\KPR\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\KRX\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\LIS\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\MMO\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\MOW\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\MXD\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\MXF\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\NDU\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\NOF\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\NQC\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\NSQ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\OLG\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\OSM\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\OUY\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\OYU\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\QCM\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\QIQ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\QPY\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\QRO\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\RXB\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\SDQ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\SQC\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\SQI\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\targetsaver.exe -> Downloader.TSUpdate.f : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\temp.frCB36 -> Downloader.Apropo.g : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\temp.frEC05 -> Adware.WinAD : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\THZ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\tsinstall_4_0_3_7.exe -> Downloader.TSUpdate.i : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\TSO\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\TYH\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\UAN\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\UJH\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\UYS\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\VGG\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\VGX\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\VPY\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WKC\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WKP\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WMM\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WTS\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WVG\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WVP\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WXF\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WXM\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\WZA\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\XBX\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\XQV\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\XSZ\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\YDF\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\YFN\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\YFP\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\YQE\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\YSB\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\YSS\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\ZJU\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\ZLG\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Local Settings\Temp\ZLX\aurareco.exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Sasan\Shared\Ulead Gif Animator 4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.245:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.268:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.277:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.282:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.308:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.311:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.330:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.338:C:\Documents and Settings\Shahab\Application Data\Mozilla\Firefox\Profiles\oxrvq6tc.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@abetterinternet[2].txt -> TrackingCookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@ad.doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@cliks[2].txt -> TrackingCookie.Cliks : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Shahab\Cookies\shahab@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Shahab\Local Settings\Temporary Internet Files\Content.IE5\GE79P4OR\!update-3195[1].0000 -> Downloader.PurityScan.be : Cleaned with backup
C:\Documents and Settings\Shahab\Local Settings\Temporary Internet Files\Content.IE5\MLILCV21\!update-3100[1].0000 -> Downloader.PurityScan.be : Cleaned with backup
C:\Documents and Settings\Shahab\Local Settings\Temporary Internet Files\Content.IE5\MLILCV21\!update-3615[1].0000 -> Downloader.PurityScan.cb : Cleaned with backup
C:\Program Files\AITwo\AdMediaPlugin.dll -> Adware.Apropos : Cleaned with backup
C:\Program Files\AITwo\plg0\admediaplugin.dll -> Adware.Apropos : Cleaned with backup
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : Cleaned with backup
C:\Program Files\TBONAS\TBONcomp.dll -> Adware.ActivShopper : Cleaned with backup
C:\Program Files\TBONAS\TBONlchr.dll -> Adware.ActivShopper : Cleaned with backup
C:\Program Files\Windows ServeAd\WinAtServ.dll -> Adware.WinAD : Cleaned with backup
C:\Program Files\Windows ServeAd\WinServSuit.exe -> Adware.WinAD : Cleaned with backup
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : Error during cleaning
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP478\A0033023.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP480\A0033044.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP482\A0033081.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP482\A0033082.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP482\A0033224.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP494\A0036064.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP498\A0036233.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP501\A0036542.dll -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP508\A0037906.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP508\A0037912.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP510\A0037967.exe -> Adware.Bestofer : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP510\A0037972.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP510\A0037974.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP510\A0037981.exe -> Trojan.Stervis.e : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP513\A0038181.exe -> Adware.Bestofer : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP513\A0038188.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP513\A0038189.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP513\A0038199.exe -> Trojan.Stervis.e : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP513\A0038201.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP536\A0038698.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP536\A0038699.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP536\A0038700.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP536\A0038900.exe -> Adware.Bestofer : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP536\A0038936.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP544\A0039006.exe -> Downloader.PurityScan.cb : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP544\A0039013.exe -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP547\A0039033.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP547\A0039043.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP547\A0039044.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP547\A0039045.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP547\A0039049.exe -> Trojan.Stervis.e : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP547\A0039051.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP548\A0039057.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP549\A0039081.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP549\A0039082.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP549\A0039086.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP549\A0039099.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP549\A0039108.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP551\A0040108.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP553\A0040147.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP553\A0040148.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP553\A0040181.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP554\A0040197.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP554\A0040198.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP554\A0040236.exe -> Trojan.Stervis.e : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP556\A0040342.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP556\A0040343.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP556\A0040351.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP563\A0040460.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP563\A0040469.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP563\A0040478.exe -> Trojan.Stervis.e : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP563\A0040482.exe -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP563\A0040489.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP564\A0040503.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP564\A0040506.exe -> Trojan.Stervis.e : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP564\A0040510.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP564\A0040512.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP564\A0040513.exe -> Trojan.Agent.ay : Cleaned with backup
C:\System Volume Information\_restore{1FA80ACC-647B-4807-B1DC-65932B6875F5}\RP565\A0040602.dll -> Adware.ImiBar : Cleaned with backup
C:\WINDOWS\dinst.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\WinServAdX.dll -> Adware.WinAD : Cleaned with backup
C:\WINDOWS\Nail.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\svcproc.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : Cleaned with backup
C:\WINDOWS\system32\DrPMon.dll -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\system32\vcvuld.exe -> Trojan.Agent.ay : Cleaned with backup
C:\WINDOWS\system32\vmsne.dll -> Adware.PurityScan : Cleaned with backup

::Report End

You will have to try this instead as that did not appear to remove the infection as expected.

You may want to print or save these instructions locally before starting.

Download CCleaner (http://www.ccleaner.com/ccdownload.asp) and install, but do not run it yet.

Please download the Nailfix utility (http://www.noidea.us/easyfile/file.php?download=20050711214630636).
DO NOT run it yet.

Reboot into Safe Mode. To do this with Windows XP, you can follow these steps from Microsoft (http://support.microsoft.com/default.aspx?kbid=315222):

Restart your computer and start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when you the Boot Menu appears.
Select an option when the Windows Advanced Options menu appears, and then press ENTER.
When the Boot menu appears again, and the words "Safe Mode" appear in blue at the bottom, select the installation that you want to start, and then press ENTER.


Once in Safe Mode, please double-click on nailfix.exe. Click "Next" in the setup, then make sure "Run Nailfix" is checked and click "Finish". Your desktop and icons will disappear and reappear, and a window should open and close very quickly --- this is normal.

Next, run Ewido again.

Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.



Then run HijackThis, click Scan, and place a checkmark by the following item:

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe


Close all open windows except for HijackThis and click Fix Checked.


Now, run CCleaner.

Uncheck "Cookies" under "Internet Explorer".
Click on Run Cleaner in the lower right-hand corner. This can take quite a while to run.

Finally, restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

ok here they are


Logfile of HijackThis v1.99.1
Scan saved at 2:32:14 PM, on 5/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\PANICW~1\POP-UP~1\POPUPS~1.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLHostManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLServiceHost.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLServiceHost.exe
C:\Documents and Settings\Sasan\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.0.1:87
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.0.1;direcwaysupport.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {33C9C393-6661-07B1-5CA7-57AE79E8BBFE} - C:\WINDOWS\system32\hpngt.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {948A2A6D-CDD8-B35D-A0A1-97CB2B990A9A} - C:\WINDOWS\system32\vmsne.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [30sC] C:\WINDOWS\ookfjq.exe
O4 - HKLM\..\Run: [AITwoUpdater] "C:\Program Files\AIUpdate\AIUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139965267\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRA~1\PANICW~1\POP-UP~1\POPUPS~1.EXE"
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - AppInit_DLLs: NVDESK32.DLL C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG6 Service (AvgServ) - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 1:41:42 PM, 5/13/2006
+ Report-Checksum: FBAA68EF

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{00F1D395-4744-40f0-A611-980F61AE2C59} -> Adware.DrSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3D782BB3-F2A5-11D3-BF4C-000000000000} -> Adware.ActivShopper : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7FD44536-9DF0-4034-939F-5BD4D98E3187} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FD44536-9DF0-4034-939F-5BD4D98E3187} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00F1D395-4744-40f0-A611-980F61AE2C59} -> Adware.DrSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bsto-1 -> Adware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-507921405-789336058-725345543-500\Software\aurora -> Adware.BetterInternet : Cleaned with backup
[1568] C:\WINDOWS\system32\czyaov.exe -> Trojan.Agent.ay : Cleaned with backup
C:\Program Files\TBONAS\TBONcomp.dll -> Adware.ActivShopper : Cleaned with backup
C:\Program Files\TBONAS\TBONlchr.dll -> Adware.ActivShopper : Cleaned with backup
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : Error during cleaning
C:\WINDOWS\dsr.dll -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\dsr.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\WINDOWS\system32\czyaov.exe -> Trojan.Agent.ay : Cleaned with backup


::Report End

Can you please do the following.

===============

Go to Add/Remove programs and remove(uninstall) the following, if present:

TSA

The above could appear anywhere within the entry. Be careful not to remove any personal or system software.

===============

Scan with HiJackThis, then check(tick) the following, if present:


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=

O2 - BHO: (no name) - {33C9C393-6661-07B1-5CA7-57AE79E8BBFE} - C:\WINDOWS\system32\hpngt.dll (file missing)
O2 - BHO: (no name) - {948A2A6D-CDD8-B35D-A0A1-97CB2B990A9A} - C:\WINDOWS\system32\vmsne.dll (file missing)

O4 - HKLM\..\Run: [30sC] C:\WINDOWS\ookfjq.exe
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe


Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".

===============

Locate and delete the following item(s), if present. Make sure you are able to view system and hidden files/ folders: (http://www.xtra.co.nz/help/0,,4155-1916458,00.html)

folders...

C:\PROGRA~1\COMMON~1\tsa

files...

C:\WINDOWS\ookfjq.exe
C:\WINDOWS\dinst.exe

-

Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in "Safe Mode (http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406?OpenDocument&src=sec_doc_nam)".

-

Reboot.

===============

After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.

thank you so much, the computer feels so much better, smoother, and faster!!!

im having a problem uninstalling this program called AVG 6.0 Anti-virus-FREE edition

when i click change/remove in the the add/remove windo it gives me an error.

it says:

"C:\WINDOWS\system32\AUTOEXEC.NT. The system file is not suitable for running MS-DOS and Microsoft Windows applications. Choose 'Close' to terminate the application."


there must be a way to get rid of this broken demo program AVG 6.0 Anti-virus-FREE edition



other then that, i think the computer is doing so much better!!!


heres my log

Logfile of HijackThis v1.99.1
Scan saved at 1:07:01 AM, on 5/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLHostManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLServiceHost.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Common Files\AOL\1139965267\ee\AOLServiceHost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Documents and Settings\Sasan\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.0.1:87
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.0.1;direcwaysupport.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AITwoUpdater] "C:\Program Files\AIUpdate\AIUpdate.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139965267\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - AppInit_DLLs: NVDESK32.DLL C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG6 Service (AvgServ) - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe

thank you so much, the computer feels so much better, smoother, and faster!!!

im having a problem uninstalling this program called AVG 6.0 Anti-virus-FREE edition

when i click change/remove in the the add/remove windo it gives me an error.

it says:

"C:\WINDOWS\system32\AUTOEXEC.NT. The system file is not suitable for running MS-DOS and Microsoft Windows applications. Choose 'Close' to terminate the application."
Try the fix from MS and see if that helps; http://support.microsoft.com/default.aspx?scid=kb;en-us;324767

==

Scan with HiJackThis, then check(tick) the following, if present:


R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)


Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".

Congratulations! Your log looks clean - good work!

===============

Now that your PC is clean you need to follow these easy steps to keeping it this way:

Secure your Internet Explorer by going here (http://bshagnasty.home.att.net/browsersettings.htm) and following the instructions there.

Better yet, use an alternative browser! Download FireFox (http://www.mozilla.org/products/firefox/) and give it a run. It is far more secure than Internet Explorer. Or, you can get Opera (http://www.opera.com/download/) which in my opinion, is better still.

Use a firewall to help prevent your PC's control being usurped by undesireables. There is a link to a good, free firewall in my signature.

Install and keep updated, Ewido anti-malware, (http://www.majorgeeks.com/Ewido_security_suite_d4677.html) Ad-Aware SE (http://www.lavasoftusa.com/software/adaware/) and Spybot S&D. (http://www.computercops.biz/zx/phoenix22/spybotsd13.zip)
Run them both on a regular basis, following the manufacturer's recommendations.

Install an anti-virus. There are some good, free AV's available today. Make sure that it is updated regularly and have it scan your system often.

Check for Windows Updates. (http://windowsupdate.microsoft.com/) Microsoft regularly post updates for your systems safe running. Make sure to take advantage of this. Reboot when installed and return to make sure there are no others.


Clear your Temp folders.
Clear out your Temporary internet files and other temp files.
Go to Start > Settings > Control Panel >Internet Options.
Under the General tab click the Delete temporary internet files,
delete all Offline content as well. Clear out Cookies.

Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete.

Empty/delete the entire contents of the C:\Windows\temp folder and C:\temp folder, if you have one. (Contents but not the folder itself.)

C:\Documents and Settings\username\Local Settings\Temp\

In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to here. (http://www.xtra.co.nz/help/0,,4155-1916458,00.html)

Empty the Recycle Bin.

For XP users.
After something like this it is a good idea to Flush the Restore Points and start fresh.
To flush the XP system Restore Points.

Go to Start>Run and type msconfig. Press enter.

When msconfig opens, click the Launch System Restore Button.
On the next page, click the System Restore Settings link on the left.

Check the box labelled 'Turn off System restore'.

Reboot. Go back in and Turn System Restore Back on. A new Restore Point will be created.

Note that all previous restore points will be lost.

===============

If you have any more problems, post back.

-

Happy surfing,

crunchie.