Jump to content


Photo

MAJOR Problems (HJT) Log


  • Please log in to reply
2 replies to this topic

#1 _VinniE^VegaS_

_VinniE^VegaS_

    Member

  • New Member
  • Pip
  • 3 posts

Posted 12 July 2004 - 02:09 PM

I was able to run and fix some things with SpyBot S&D, but I cant run Ad-Aware, due to so much garbage on this computer it keeps crashing once it starts to scan C:/Documents and Setings/Administrator............/..../something rather.

I have System32 folder opening repeatedly every 5 seconds seems like without end.




Logfile of HijackThis v1.98.0
Scan saved at 1:43:20 AM, on 7/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\documents and settings\administrator\local settings\temp\SsZ4F1.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\documents and settings\administrator\local settings\temp\SsZ4F1.exe
C:\Program Files\CasinoOnline\CsRemnd.exe
C:\WINDOWS\System32\Lykop.exe
C:\WINDOWS\System32\Hfle3M.exe
C:\WINDOWS\System32\wnsapitr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.broadband...=hpdesktoppav03
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: (no name) - {23C2FD58-880B-42B7-A249-30C6010C1D5F} - C:\WINDOWS\System32\imm.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {907F9143-5311-431A-90BC-877972FB92B7} - (no file)
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {224530A0-C9CB-4AEE-9C0F-54AC1B533211} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [_SetRes] c:\hp\bin\cloaker c:\hp\bin\res.bat
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [RecoverFromReboo] C:\WINDOWS\Temp\RECOVE~1.EXE
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [] c:\WINDOWS\System32\ }
O4 - HKLM\..\Run: [nuhjbii] "C:\WINDOWS\System32\nuhjbii.exe"
O4 - HKLM\..\Run: [Windows Configuration] SYS32.EXE
O4 - HKLM\..\Run: [function hide_fra] c:\WINDOWS\System32\function hide_frame()
O4 - HKLM\..\Run: [ var frameset= document.getElementById('framese] c:\WINDOWS\System32\ var frameset= document.getElementById('frameset');
O4 - HKLM\..\Run: [ frameset.rows = "100%,] c:\WINDOWS\System32\ frameset.rows = "100%,0%";
O4 - HKLM\..\Run: [function frames_load] c:\WINDOWS\System32\function frames_loaded()
O4 - HKLM\..\Run: [ var ac_frame = document.getElementById('ac_fram] c:\WINDOWS\System32\ var ac_frame = document.getElementById('ac_frame');
O4 - HKLM\..\Run: [ if(ac_frame.src!='http://superbookmark...counter/stop.p] c:\WINDOWS\System32\ if(ac_frame.src!='http://superbookmark...ounter/stop.php')
O4 - HKLM\..\Run: [ hide_fram] c:\WINDOWS\System32\ hide_frame();
O4 - HKLM\..\Run: [ ac_frame.onresize = hide_fr] c:\WINDOWS\System32\ ac_frame.onresize = hide_frame;
O4 - HKLM\..\Run: [ ac_frame.src = 'http://superbookmark...counter/stop.p] c:\WINDOWS\System32\ ac_frame.src = 'http://superbookmark.com/counter/stop.php';
O4 - HKLM\..\Run: [window.status = "Do] c:\WINDOWS\System32\window.status = "Done";
O4 - HKLM\..\Run: [<frameset border=0 rows="90%,10%" id="frameset" onload="frames_loaded(] c:\WINDOWS\System32\<frameset border=0 rows="90%,10%" id="frameset" onload="frames_loaded();">
O4 - HKLM\..\Run: [<frame id="index_frame" src="http://real-yellow-p...php?aid=120038" onload="hide_frame(] c:\WINDOWS\System32\<frame id="index_frame" src="http://real-yellow-p...php?aid=120038" onload="hide_frame();">
O4 - HKLM\..\Run: [<frame id="ac_frame" src="http://superbookmark...ounter/start.p] c:\WINDOWS\System32\<frame id="ac_frame" src="http://superbookmark...ter/start.php">
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [var elt=new Arra] c:\WINDOWS\System32\var elt=new Array();
O4 - HKLM\..\Run: [var elt] c:\WINDOWS\System32\var elti=0;
O4 - HKLM\..\Run: [A:hov] c:\WINDOWS\System32\A:hover {
O4 - HKLM\..\Run: [ TEXT-DECORATION:UNDER] c:\WINDOWS\System32\ TEXT-DECORATION:UNDERLINE
O4 - HKLM\..\Run: [A.geo_pa] c:\WINDOWS\System32\A.geo_part {
O4 - HKLM\..\Run: [ COLOR: #d0] c:\WINDOWS\System32\ COLOR: #d0920b
O4 - HKLM\..\Run: [A.geo_part:hov] c:\WINDOWS\System32\A.geo_part:hover {
O4 - HKLM\..\Run: [ COLOR: #98] c:\WINDOWS\System32\ COLOR: #98009b
O4 - HKLM\..\Run: [#site_d] c:\WINDOWS\System32\#site_desc2
O4 - HKLM\..\Run: [ MARGIN-LEFT: ] c:\WINDOWS\System32\ MARGIN-LEFT: 2px;
O4 - HKLM\..\Run: [ MARGIN-RIGHT: ] c:\WINDOWS\System32\ MARGIN-RIGHT: 1px;
O4 - HKLM\..\Run: [ MARGIN-TOP: 1] c:\WINDOWS\System32\ MARGIN-TOP: 10px;
O4 - HKLM\..\Run: [ MARGIN-BOTTOM: 1] c:\WINDOWS\System32\ MARGIN-BOTTOM: 14px;
O4 - HKLM\..\Run: [ FONT-WEIGHT:nor] c:\WINDOWS\System32\ FONT-WEIGHT:normal;
O4 - HKLM\..\Run: [ FONT-FAMILY:Verdana, Arial, Helvetica, sans-se] c:\WINDOWS\System32\ FONT-FAMILY:Verdana, Arial, Helvetica, sans-serif;
O4 - HKLM\..\Run: [ FONT-SIZE:1] c:\WINDOWS\System32\ FONT-SIZE:13px;
O4 - HKLM\..\Run: [ COLOR: #730] c:\WINDOWS\System32\ COLOR: #7308fa;
O4 - HKLM\..\Run: [ MARGIN-LEFT: 1] c:\WINDOWS\System32\ MARGIN-LEFT: 13px;
O4 - HKLM\..\Run: [ MARGIN-BOTTOM: ] c:\WINDOWS\System32\ MARGIN-BOTTOM: 8px;
O4 - HKLM\..\Run: [ FONT-FAMILY:Arial, Helvetica, sans-se] c:\WINDOWS\System32\ FONT-FAMILY:Arial, Helvetica, sans-serif;
O4 - HKLM\..\Run: [ COLOR: #6e9] c:\WINDOWS\System32\ COLOR: #6e9263;
O4 - HKLM\..\Run: [ FONT-WEIGHT: nor] c:\WINDOWS\System32\ FONT-WEIGHT: normal;
O4 - HKLM\..\Run: [ WIDTH: 4] c:\WINDOWS\System32\ WIDTH: 40px;
O4 - HKLM\..\Run: [ HEIGHT: 2] c:\WINDOWS\System32\ HEIGHT: 22px;
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: 6d8] c:\WINDOWS\System32\ BACKGROUND-COLOR: 6d876b;
O4 - HKLM\..\Run: [ text-align:le] c:\WINDOWS\System32\ text-align:left ;
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: 30] c:\WINDOWS\System32\ BACKGROUND-COLOR: 307f8a
O4 - HKLM\..\Run: [ PADDING-RIGHT: ] c:\WINDOWS\System32\ PADDING-RIGHT: 4px;
O4 - HKLM\..\Run: [ PADDING-LEFT: ] c:\WINDOWS\System32\ PADDING-LEFT: 2px;
O4 - HKLM\..\Run: [ PADDING-BOTTOM: ] c:\WINDOWS\System32\ PADDING-BOTTOM: 6px;
O4 - HKLM\..\Run: [ PADDING-TOP: ] c:\WINDOWS\System32\ PADDING-TOP: 7px;
O4 - HKLM\..\Run: [ COLOR: #d7f] c:\WINDOWS\System32\ COLOR: #d7f64d;
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: #850] c:\WINDOWS\System32\ BACKGROUND-COLOR: #850fe0;
O4 - HKLM\..\Run: [ BORDER: #c46a37 2px dot] c:\WINDOWS\System32\ BORDER: #c46a37 2px dotted;
O4 - HKLM\..\Run: [ COLOR: #729] c:\WINDOWS\System32\ COLOR: #729502;
O4 - HKLM\..\Run: [ TEXT-DECORATION: UNDERL] c:\WINDOWS\System32\ TEXT-DECORATION: UNDERLINE;
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: #1e5] c:\WINDOWS\System32\ BACKGROUND-COLOR: #1e5362;
O4 - HKLM\..\Run: [ TEXT-DECORATION: N] c:\WINDOWS\System32\ TEXT-DECORATION: NONE;
O4 - HKLM\..\Run: [TD.regi] c:\WINDOWS\System32\TD.region A
O4 - HKLM\..\Run: [ FONT-WEIGHT:b] c:\WINDOWS\System32\ FONT-WEIGHT:bold;
O4 - HKLM\..\Run: [ COLOR: #436] c:\WINDOWS\System32\ COLOR: #4363fb;
O4 - HKLM\..\Run: [TD.region A:h] c:\WINDOWS\System32\TD.region A:hover
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: #259] c:\WINDOWS\System32\ BACKGROUND-COLOR: #259aff;
O4 - HKLM\..\Run: [ PADDING: 1] c:\WINDOWS\System32\ PADDING: 12px;
O4 - HKLM\..\Run: [ MARGIN: ] c:\WINDOWS\System32\ MARGIN: 5px;
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: 426] c:\WINDOWS\System32\ BACKGROUND-COLOR: 426007;
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: #31d] c:\WINDOWS\System32\ BACKGROUND-COLOR: #31d50f;
O4 - HKLM\..\Run: [ VERTICAL-ALIGN: ] c:\WINDOWS\System32\ VERTICAL-ALIGN: top;
O4 - HKLM\..\Run: [ WIDTH: ] c:\WINDOWS\System32\ WIDTH: 77%;
O4 - HKLM\..\Run: [ COLOR: #c9a] c:\WINDOWS\System32\ COLOR: #c9abab;
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: #cd3] c:\WINDOWS\System32\ BACKGROUND-COLOR: #cd3cc9;
O4 - HKLM\..\Run: [ TEXT-ALIGN: bot] c:\WINDOWS\System32\ TEXT-ALIGN: bottom;
O4 - HKLM\..\Run: [ HEIGHT: 3] c:\WINDOWS\System32\ HEIGHT: 31px;
O4 - HKLM\..\Run: [#regcat_t] c:\WINDOWS\System32\#regcat_table
O4 - HKLM\..\Run: [ TEXT-ALIGN: cen] c:\WINDOWS\System32\ TEXT-ALIGN: center;
O4 - HKLM\..\Run: [ WIDTH:] c:\WINDOWS\System32\ WIDTH: 6%;
O4 - HKLM\..\Run: [#td] c:\WINDOWS\System32\#td_geo
O4 - HKLM\..\Run: [ WORD-SPACING: 0.0] c:\WINDOWS\System32\ WORD-SPACING: 0.05em;
O4 - HKLM\..\Run: [ COLOR: #ee6] c:\WINDOWS\System32\ COLOR: #ee6090;
O4 - HKLM\..\Run: [ BACKGROUND-COLOR: #de2] c:\WINDOWS\System32\ BACKGROUND-COLOR: #de2e64;
O4 - HKLM\..\Run: [ COLOR: #c15] c:\WINDOWS\System32\ COLOR: #c15322;
O4 - HKLM\..\Run: [ COLOR: #cdd] c:\WINDOWS\System32\ COLOR: #cddf08;
O4 - HKLM\..\Run: [#t] c:\WINDOWS\System32\#td_pl
O4 - HKLM\..\Run: [var ] c:\WINDOWS\System32\var aid;
O4 - HKLM\..\Run: [var index_id = ] c:\WINDOWS\System32\var index_id = '2';
O4 - HKLM\..\Run: [var col_i ] c:\WINDOWS\System32\var col_i = 0;
O4 - HKLM\..\Run: [var max_col ] c:\WINDOWS\System32\var max_col = 4;
O4 - HKLM\..\Run: [var oCats] c:\WINDOWS\System32\var oCatsRow;
O4 - HKLM\..\Run: [var oRegTable = n] c:\WINDOWS\System32\var oRegTable = null;
O4 - HKLM\..\Run: [var new_col_flag = fa] c:\WINDOWS\System32\var new_col_flag = false;
O4 - HKLM\..\Run: [var first_geo_part = t] c:\WINDOWS\System32\var first_geo_part = true;
O4 - HKLM\..\Run: [var first_geo = t] c:\WINDOWS\System32\var first_geo = true;
O4 - HKLM\..\Run: [function add_region(region,] c:\WINDOWS\System32\function add_region(region, sc)
O4 - HKLM\..\Run: [ var oRegCarTa] c:\WINDOWS\System32\ var oRegCarTable;
O4 - HKLM\..\Run: [ var oC] c:\WINDOWS\System32\ var oCell;
O4 - HKLM\..\Run: [ var o] c:\WINDOWS\System32\ var oRow;
O4 - HKLM\..\Run: [ showedcat =] c:\WINDOWS\System32\ showedcat = sc;
O4 - HKLM\..\Run: [ oRegCarTable = document.getElementById('regcat_tabl] c:\WINDOWS\System32\ oRegCarTable = document.getElementById('regcat_table');
O4 - HKLM\..\Run: [ col_i ] c:\WINDOWS\System32\ col_i = 0;
O4 - HKLM\..\Run: [ if(col_i =] c:\WINDOWS\System32\ if(col_i == 0)
O4 - HKLM\..\Run: [ oCatsRow = oRegCarTable.insertRow(oRegCarTable.rows.leng] c:\WINDOWS\System32\ oCatsRow = oRegCarTable.insertRow(oRegCarTable.rows.length);
O4 - HKLM\..\Run: [ oCell = oCatsRow.insertCell] c:\WINDOWS\System32\ oCell = oCatsRow.insertCell(0);
O4 - HKLM\..\Run: [ oCell.className = 'regi] c:\WINDOWS\System32\ oCell.className = 'region';
O4 - HKLM\..\Run: [ oRegTable.width='10] c:\WINDOWS\System32\ oRegTable.width='100%';
O4 - HKLM\..\Run: [ oRegTable.cellPaddin] c:\WINDOWS\System32\ oRegTable.cellPadding=0;
O4 - HKLM\..\Run: [ oRegTable.cellSpacin] c:\WINDOWS\System32\ oRegTable.cellSpacing=0;
O4 - HKLM\..\Run: [ oRow = oRegTable.insertRow] c:\WINDOWS\System32\ oRow = oRegTable.insertRow(1);
O4 - HKLM\..\Run: [ oCell = oRow.insertCell] c:\WINDOWS\System32\ oCell = oRow.insertCell(1);
O4 - HKLM\..\Run: [ oCell.colSpan ] c:\WINDOWS\System32\ oCell.colSpan = 2;
O4 - HKLM\..\Run: [ oCell.className = 'region_na] c:\WINDOWS\System32\ oCell.className = 'region_name';
O4 - HKLM\..\Run: [ oTextNode = document.createTextNode(regi] c:\WINDOWS\System32\ oTextNode = document.createTextNode(region);
O4 - HKLM\..\Run: [ oCell.appendChild(oTextNo] c:\WINDOWS\System32\ oCell.appendChild(oTextNode);
O4 - HKLM\..\Run: [ col_] c:\WINDOWS\System32\ col_i++;
O4 - HKLM\..\Run: [function add_category(category, mu] c:\WINDOWS\System32\function add_category(category, mulks)
O4 - HKLM\..\Run: [ var oAnc] c:\WINDOWS\System32\ var oAnchor;
O4 - HKLM\..\Run: [ var oTextN] c:\WINDOWS\System32\ var oTextNode;
O4 - HKLM\..\Run: [ var oS] c:\WINDOWS\System32\ var oSpan;
O4 - HKLM\..\Run: [ oRow = oRegTable.insertRow(oRegTable.rows.leng] c:\WINDOWS\System32\ oRow = oRegTable.insertRow(oRegTable.rows.length);
O4 - HKLM\..\Run: [ elt[elti].width =] c:\WINDOWS\System32\ elt[elti].width = 30;
O4 - HKLM\..\Run: [ elt[elti].height =] c:\WINDOWS\System32\ elt[elti].height = 15;
O4 - HKLM\..\Run: [ oImg = oCell.appendChild(elt[elt] c:\WINDOWS\System32\ oImg = oCell.appendChild(elt[elti]);
O4 - HKLM\..\Run: [ elt] c:\WINDOWS\System32\ elti++;
O4 - HKLM\..\Run: [ ] c:\WINDOWS\System32\ else
O4 - HKLM\..\Run: [ oImg.appendChild(oTextNo] c:\WINDOWS\System32\ oImg.appendChild(oTextNode);
O4 - HKLM\..\Run: [ oImg.className = 'Mul] c:\WINDOWS\System32\ oImg.className = 'Mulka';
O4 - HKLM\..\Run: [ oTextNode = document.createTextNode(catego] c:\WINDOWS\System32\ oTextNode = document.createTextNode(category);
O4 - HKLM\..\Run: [ oAnchor.appendChild(oTextNo] c:\WINDOWS\System32\ oAnchor.appendChild(oTextNode);
O4 - HKLM\..\Run: [ oAnchor.className = 'catego] c:\WINDOWS\System32\ oAnchor.className = 'category';
O4 - HKLM\..\Run: [function add_pl(categ] c:\WINDOWS\System32\function add_pl(category)
O4 - HKLM\..\Run: [function add_geo(] c:\WINDOWS\System32\function add_geo(geo)
O4 - HKLM\..\Run: [ if(!first_] c:\WINDOWS\System32\ if(!first_geo)
O4 - HKLM\..\Run: [ oTextNode = document.createTextNode(g] c:\WINDOWS\System32\ oTextNode = document.createTextNode(geo);
O4 - HKLM\..\Run: [ first_geo = fa] c:\WINDOWS\System32\ first_geo = false;
O4 - HKLM\..\Run: [function add_geo_part(p] c:\WINDOWS\System32\function add_geo_part(part)
O4 - HKLM\..\Run: [ if(!first_geo_p] c:\WINDOWS\System32\ if(!first_geo_part)
O4 - HKLM\..\Run: [ oTextNode = document.createTextNode(pa] c:\WINDOWS\System32\ oTextNode = document.createTextNode(part);
O4 - HKLM\..\Run: [ td_geo.appendChild(oTextNo] c:\WINDOWS\System32\ td_geo.appendChild(oTextNode);
O4 - HKLM\..\Run: [ first_geo_part = fa] c:\WINDOWS\System32\ first_geo_part = false;
O4 - HKLM\..\Run: [ first_geo = t] c:\WINDOWS\System32\ first_geo = true;
O4 - HKLM\..\Run: [function set_aid(my_] c:\WINDOWS\System32\function set_aid(my_aid)
O4 - HKLM\..\Run: [ aid = my_] c:\WINDOWS\System32\ aid = my_aid;
O4 - HKLM\..\Run: [function set_searchurl] c:\WINDOWS\System32\function set_searchurl(su)
O4 - HKLM\..\Run: [ searchurl =] c:\WINDOWS\System32\ searchurl = su;
O4 - HKLM\..\Run: [function contact] c:\WINDOWS\System32\function contactus()
O4 - HKLM\..\Run: [ w = win] c:\WINDOWS\System32\ w = window;
O4 - HKLM\..\Run: [ w.document.ope] c:\WINDOWS\System32\ w.document.open();
O4 - HKLM\..\Run: [ w.document.clos] c:\WINDOWS\System32\ w.document.close();
O4 - HKLM\..\Run: [function in] c:\WINDOWS\System32\function init()
O4 - HKLM\..\Run: [add_category('Single girls', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Single girls', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Personal Ads', ] c:\WINDOWS\System32\add_category('Personal Ads', '');
O4 - HKLM\..\Run: [add_category('Personals', ] c:\WINDOWS\System32\add_category('Personals', '');
O4 - HKLM\..\Run: [add_category('Dating', ] c:\WINDOWS\System32\add_category('Dating', '');
O4 - HKLM\..\Run: [add_category('Relationships', ] c:\WINDOWS\System32\add_category('Relationships', '');
O4 - HKLM\..\Run: [add_category('Wedding', ] c:\WINDOWS\System32\add_category('Wedding', '');
O4 - HKLM\..\Run: [add_category('Viagra', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Viagra', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Phentermine', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Phentermine', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Xenical', ] c:\WINDOWS\System32\add_category('Xenical', '');
O4 - HKLM\..\Run: [add_category('Prozac', ] c:\WINDOWS\System32\add_category('Prozac', '');
O4 - HKLM\..\Run: [add_category('Valtrex', ] c:\WINDOWS\System32\add_category('Valtrex', '');
O4 - HKLM\..\Run: [add_category('Zyban', ] c:\WINDOWS\System32\add_category('Zyban', '');
O4 - HKLM\..\Run: [add_category('New cars', imgMulkaHot.s] c:\WINDOWS\System32\add_category('New cars', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Autos', ] c:\WINDOWS\System32\add_category('Autos', '');
O4 - HKLM\..\Run: [add_category('Auto prices', ] c:\WINDOWS\System32\add_category('Auto prices', '');
O4 - HKLM\..\Run: [add_category('Buy A Car', ] c:\WINDOWS\System32\add_category('Buy A Car', '');
O4 - HKLM\..\Run: [add_category('Trucks', ] c:\WINDOWS\System32\add_category('Trucks', '');
O4 - HKLM\..\Run: [add_category('Singles', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Singles', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Magazines', ] c:\WINDOWS\System32\add_category('Magazines', '');
O4 - HKLM\..\Run: [add_category('Disney', ] c:\WINDOWS\System32\add_category('Disney', '');
O4 - HKLM\..\Run: [add_category('Travel', ] c:\WINDOWS\System32\add_category('Travel', '');
O4 - HKLM\..\Run: [add_category('Web design', ] c:\WINDOWS\System32\add_category('Web design', '');
O4 - HKLM\..\Run: [add_category('Poker', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Poker', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Black jack', ] c:\WINDOWS\System32\add_category('Black jack', '');
O4 - HKLM\..\Run: [add_category('Card Games', ] c:\WINDOWS\System32\add_category('Card Games', '');
O4 - HKLM\..\Run: [add_category('Table Games', ] c:\WINDOWS\System32\add_category('Table Games', '');
O4 - HKLM\..\Run: [add_category('Casinos', ] c:\WINDOWS\System32\add_category('Casinos', '');
O4 - HKLM\..\Run: [add_category('Roulette', ] c:\WINDOWS\System32\add_category('Roulette', '');
O4 - HKLM\..\Run: [add_category('Gamble', ] c:\WINDOWS\System32\add_category('Gamble', '');
O4 - HKLM\..\Run: [add_category('Gaming', ] c:\WINDOWS\System32\add_category('Gaming', '');
O4 - HKLM\..\Run: [add_category('Wagering', ] c:\WINDOWS\System32\add_category('Wagering', '');
O4 - HKLM\..\Run: [add_category('Auto insurance', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Auto insurance', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Health insurance', ] c:\WINDOWS\System32\add_category('Health insurance', '');
O4 - HKLM\..\Run: [add_category('Life insurance', ] c:\WINDOWS\System32\add_category('Life insurance', '');
O4 - HKLM\..\Run: [add_category('Home insurance', ] c:\WINDOWS\System32\add_category('Home insurance', '');
O4 - HKLM\..\Run: [add_category('Business insurance', ] c:\WINDOWS\System32\add_category('Business insurance', '');
O4 - HKLM\..\Run: [add_category('Travel insurance', ] c:\WINDOWS\System32\add_category('Travel insurance', '');
O4 - HKLM\..\Run: [add_category('Home equity loan', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Home equity loan', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Moving companies', ] c:\WINDOWS\System32\add_category('Moving companies', '');
O4 - HKLM\..\Run: [add_category('Home Buying', ] c:\WINDOWS\System32\add_category('Home Buying', '');
O4 - HKLM\..\Run: [add_category('Bad Credit', ] c:\WINDOWS\System32\add_category('Bad Credit', '');
O4 - HKLM\..\Run: [add_category('Home loan', ] c:\WINDOWS\System32\add_category('Home loan', '');
O4 - HKLM\..\Run: [add_category('Home Improvement', ] c:\WINDOWS\System32\add_category('Home Improvement', '');
O4 - HKLM\..\Run: [add_category('Air travel', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Air travel', imgMulkaHot.src);
O4 - HKLM\..\Run: [add_category('Las Vegas hotels', ] c:\WINDOWS\System32\add_category('Las Vegas hotels', '');
O4 - HKLM\..\Run: [add_category('Cheap hotels', ] c:\WINDOWS\System32\add_category('Cheap hotels', '');
O4 - HKLM\..\Run: [add_category('Cheap travel', ] c:\WINDOWS\System32\add_category('Cheap travel', '');
O4 - HKLM\..\Run: [add_category('Celebrity cruises', ] c:\WINDOWS\System32\add_category('Celebrity cruises', '');
O4 - HKLM\..\Run: [add_category('International travel', ] c:\WINDOWS\System32\add_category('International travel', '');
O4 - HKLM\..\Run: [add_category('Hawaii travel', ] c:\WINDOWS\System32\add_category('Hawaii travel', '');
O4 - HKLM\..\Run: [add_category('Travel Agents', ] c:\WINDOWS\System32\add_category('Travel Agents', '');
O4 - HKLM\..\Run: [add_category('Employment', ] c:\WINDOWS\System32\add_category('Employment', '');
O4 - HKLM\..\Run: [add_category('Work from home', ] c:\WINDOWS\System32\add_category('Work from home', '');
O4 - HKLM\..\Run: [add_category('Careers', ] c:\WINDOWS\System32\add_category('Careers', '');
O4 - HKLM\..\Run: [add_category('Human resources', ] c:\WINDOWS\System32\add_category('Human resources', '');
O4 - HKLM\..\Run: [add_category('Resume Services', ] c:\WINDOWS\System32\add_category('Resume Services', '');
O4 - HKLM\..\Run: [add_category('Refinance', ] c:\WINDOWS\System32\add_category('Refinance', '');
O4 - HKLM\..\Run: [add_category('Mortgages', ] c:\WINDOWS\System32\add_category('Mortgages', '');
O4 - HKLM\..\Run: [add_category('Loan', ] c:\WINDOWS\System32\add_category('Loan', '');
O4 - HKLM\..\Run: [add_category('Household Finance', ] c:\WINDOWS\System32\add_category('Household Finance', '');
O4 - HKLM\..\Run: [add_category('Lawyer', ] c:\WINDOWS\System32\add_category('Lawyer', '');
O4 - HKLM\..\Run: [add_category('Payroll', ] c:\WINDOWS\System32\add_category('Payroll', '');
O4 - HKLM\..\Run: [add_category('Laptops', ] c:\WINDOWS\System32\add_category('Laptops', '');
O4 - HKLM\..\Run: [add_category('Internet', ] c:\WINDOWS\System32\add_category('Internet', '');
O4 - HKLM\..\Run: [add_category('Computers', ] c:\WINDOWS\System32\add_category('Computers', '');
O4 - HKLM\..\Run: [add_category('Network Software', ] c:\WINDOWS\System32\add_category('Network Software', '');
O4 - HKLM\..\Run: [add_category('Mobile Computing', ] c:\WINDOWS\System32\add_category('Mobile Computing', '');
O4 - HKLM\..\Run: [add_category('Online Shopping', ] c:\WINDOWS\System32\add_category('Online Shopping', '');
O4 - HKLM\..\Run: [add_category('Tobacco', ] c:\WINDOWS\System32\add_category('Tobacco', '');
O4 - HKLM\..\Run: [add_category('Jewelry', ] c:\WINDOWS\System32\add_category('Jewelry', '');
O4 - HKLM\..\Run: [add_category('Flowers', ] c:\WINDOWS\System32\add_category('Flowers', '');
O4 - HKLM\..\Run: [add_category('Gifts', ] c:\WINDOWS\System32\add_category('Gifts', '');
O4 - HKLM\..\Run: [add_category('Weddings', ] c:\WINDOWS\System32\add_category('Weddings', '');
O4 - HKLM\..\Run: [add_category('University', ] c:\WINDOWS\System32\add_category('University', '');
O4 - HKLM\..\Run: [add_category('Distance Learning', ] c:\WINDOWS\System32\add_category('Distance Learning', '');
O4 - HKLM\..\Run: [add_category('College', ] c:\WINDOWS\System32\add_category('College', '');
O4 - HKLM\..\Run: [add_category('Distance education', ] c:\WINDOWS\System32\add_category('Distance education', '');
O4 - HKLM\..\Run: [add_category('Education', ] c:\WINDOWS\System32\add_category('Education', '');
O4 - HKLM\..\Run: [add_category('Reading', ] c:\WINDOWS\System32\add_category('Reading', '');
O4 - HKLM\..\Run: [add_category('Credit card Debt', ] c:\WINDOWS\System32\add_category('Credit card Debt', '');
O4 - HKLM\..\Run: [add_category('Consolidate Debt', ] c:\WINDOWS\System32\add_category('Consolidate Debt', '');
O4 - HKLM\..\Run: [add_category('Tax Preparation', ] c:\WINDOWS\System32\add_category('Tax Preparation', '');
O4 - HKLM\..\Run: [add_category('Debt Relief', ] c:\WINDOWS\System32\add_category('Debt Relief', '');
O4 - HKLM\..\Run: [add_category('Money Management', ] c:\WINDOWS\System32\add_category('Money Management', '');
O4 - HKLM\..\Run: [add_category('Investing', ] c:\WINDOWS\System32\add_category('Investing', '');
O4 - HKLM\..\Run: [add_category('Insurance', ] c:\WINDOWS\System32\add_category('Insurance', '');
O4 - HKLM\..\Run: [add_category('Estate Planning', ] c:\WINDOWS\System32\add_category('Estate Planning', '');
O4 - HKLM\..\Run: [add_category('Retirement', ] c:\WINDOWS\System32\add_category('Retirement', '');
O4 - HKLM\..\Run: [add_category('Debt solution', ] c:\WINDOWS\System32\add_category('Debt solution', '');
O4 - HKLM\..\Run: [add_category('Weight Loss', ] c:\WINDOWS\System32\add_category('Weight Loss', '');
O4 - HKLM\..\Run: [add_category('Hair loss', ] c:\WINDOWS\System32\add_category('Hair loss', '');
O4 - HKLM\..\Run: [add_category('Pharmacy', ] c:\WINDOWS\System32\add_category('Pharmacy', '');
O4 - HKLM\..\Run: [add_category('Nursing', ] c:\WINDOWS\System32\add_category('Nursing', '');
O4 - HKLM\..\Run: [add_category('Adipex', ] c:\WINDOWS\System32\add_category('Adipex', '');
O4 - HKLM\..\Run: [add_category('Phentermine online', ] c:\WINDOWS\System32\add_category('Phentermine online', '');
O4 - HKLM\..\Run: [add_category('Diet', ] c:\WINDOWS\System32\add_category('Diet', '');
O4 - HKLM\..\Run: [add_category('Meridia', ] c:\WINDOWS\System32\add_category('Meridia', '');
O4 - HKLM\..\Run: [add_category('Buy xenical', ] c:\WINDOWS\System32\add_category('Buy xenical', '');
O4 - HKLM\..\Run: [add_category('Real Estate', ] c:\WINDOWS\System32\add_category('Real Estate', '');
O4 - HKLM\..\Run: [add_category('Project Management', ] c:\WINDOWS\System32\add_category('Project Management', '');
O4 - HKLM\..\Run: [add_category('Information Technology', ] c:\WINDOWS\System32\add_category('Information Technology', '');
O4 - HKLM\..\Run: [add_category('Accounting', ] c:\WINDOWS\System32\add_category('Accounting', '');
O4 - HKLM\..\Run: [add_category('Marketing', ] c:\WINDOWS\System32\add_category('Marketing', '');
O4 - HKLM\..\Run: [add_category('Financial Services', ] c:\WINDOWS\System32\add_category('Financial Services', '');
O4 - HKLM\..\Run: [add_category('Training', ] c:\WINDOWS\System32\add_category('Training', '');
O4 - HKLM\..\Run: [add_category('Advertising', ] c:\WINDOWS\System32\add_category('Advertising', '');
O4 - HKLM\..\Run: [add_pl('Auto Insuranc] c:\WINDOWS\System32\add_pl('Auto Insurance');
O4 - HKLM\..\Run: [add_pl('Air Trave] c:\WINDOWS\System32\add_pl('Air Travel');
O4 - HKLM\..\Run: [add_pl('Breast Enlargemen] c:\WINDOWS\System32\add_pl('Breast Enlargement');
O4 - HKLM\..\Run: [add_pl('Black Jac] c:\WINDOWS\System32\add_pl('Black Jack');
O4 - HKLM\..\Run: [add_pl('Cheap Hotel] c:\WINDOWS\System32\add_pl('Cheap Hotels');
O4 - HKLM\..\Run: [add_pl('New Car] c:\WINDOWS\System32\add_pl('New Cars');
O4 - HKLM\..\Run: [add_pl('Auto Price] c:\WINDOWS\System32\add_pl('Auto Prices');
O4 - HKLM\..\Run: [add_pl('Baseball Bettin] c:\WINDOWS\System32\add_pl('Baseball Betting');
O4 - HKLM\..\Run: [add_pl('Car Audi] c:\WINDOWS\System32\add_pl('Car Audio');
O4 - HKLM\..\Run: [add_pl('Used Car] c:\WINDOWS\System32\add_pl('Used Cars');
O4 - HKLM\..\Run: [add_pl('Cosmetic Surger] c:\WINDOWS\System32\add_pl('Cosmetic Surgery');
O4 - HKLM\..\Run: [add_pl('Antivirus Softwar] c:\WINDOWS\System32\add_pl('Antivirus Software');
O4 - HKLM\..\Run: [add_pl('Fine Ar] c:\WINDOWS\System32\add_pl('Fine Art');
O4 - HKLM\..\Run: [add_pl('Herbal Viagr] c:\WINDOWS\System32\add_pl('Herbal Viagra');
O4 - HKLM\..\Run: [add_geo_part('Asia Pacifi] c:\WINDOWS\System32\add_geo_part('Asia Pacific');
O4 - HKLM\..\Run: [add_geo('New Zealan] c:\WINDOWS\System32\add_geo('New Zealand');
O4 - HKLM\..\Run: [add_geo('Hong Kon] c:\WINDOWS\System32\add_geo('Hong Kong');
O4 - HKLM\..\Run: [add_geo_part('USA Citie] c:\WINDOWS\System32\add_geo_part('USA Cities');
O4 - HKLM\..\Run: [add_geo('SF Ba] c:\WINDOWS\System32\add_geo('SF Bay');
O4 - HKLM\..\Run: [add_geo('Washington D] c:\WINDOWS\System32\add_geo('Washington DC');
O4 - HKLM\..\Run: [var html_tag = document.getElementById('html_ta] c:\WINDOWS\System32\var html_tag = document.getElementById('html_tag');
O4 - HKLM\..\Run: [document.body.style.display = 'blo] c:\WINDOWS\System32\document.body.style.display = 'block';
O4 - HKLM\..\Run: [sountskmanager] sountaskmgr
O4 - HKLM\..\Run: [ipwin = open('', 'ipwin', 'top=200, left=200, height=300, width=400, channelmode=0, directories=0, location=0, menubar=0, status=0, titlebar=0, toolbar=] c:\WINDOWS\System32\ipwin = open('', 'ipwin', 'top=200, left=200, height=300, width=400, channelmode=0, directories=0, location=0, menubar=0, status=0, titlebar=0, toolbar=0');
O4 - HKLM\..\Run: [SsZ4F1] C:\documents and settings\administrator\local settings\temp\SsZ4F1.exe
O4 - HKLM\..\Run: [5YPC#4T4LRJR5E] C:\WINDOWS\System32\WditARpr.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [7FsV36U] aaactrs.exe
O4 - HKLM\..\Run: [SsZ4F1.exe] C:\documents and settings\administrator\local settings\temp\SsZ4F1.exe
O4 - HKLM\..\Run: [Remndr] "C:\Program Files\CasinoOnline\CsRemnd.exe"
O4 - HKLM\..\RunServices: [sountskmanager] sountaskmgr
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [] c:\WINDOWS\System32\ }
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PopUpStopperCompanion] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSComp.exe"
O4 - HKCU\..\Run: [function hide_fra] c:\WINDOWS\System32\function hide_frame()
O4 - HKCU\..\Run: [ var frameset= document.getElementById('framese] c:\WINDOWS\System32\ var frameset= document.getElementById('frameset');
O4 - HKCU\..\Run: [ frameset.rows = "100%,] c:\WINDOWS\System32\ frameset.rows = "100%,0%";
O4 - HKCU\..\Run: [function frames_load] c:\WINDOWS\System32\function frames_loaded()
O4 - HKCU\..\Run: [ var ac_frame = document.getElementById('ac_fram] c:\WINDOWS\System32\ var ac_frame = document.getElementById('ac_frame');
O4 - HKCU\..\Run: [ if(ac_frame.src!='http://superbookmark...counter/stop.p] c:\WINDOWS\System32\ if(ac_frame.src!='http://superbookmark...ounter/stop.php')
O4 - HKCU\..\Run: [ hide_fram] c:\WINDOWS\System32\ hide_frame();
O4 - HKCU\..\Run: [ ac_frame.onresize = hide_fr] c:\WINDOWS\System32\ ac_frame.onresize = hide_frame;
O4 - HKCU\..\Run: [ ac_frame.src = 'http://superbookmark...counter/stop.p] c:\WINDOWS\System32\ ac_frame.src = 'http://superbookmark.com/counter/stop.php';
O4 - HKCU\..\Run: [window.status = "Do] c:\WINDOWS\System32\window.status = "Done";
O4 - HKCU\..\Run: [<frameset border=0 rows="90%,10%" id="frameset" onload="frames_loaded(] c:\WINDOWS\System32\<frameset border=0 rows="90%,10%" id="frameset" onload="frames_loaded();">
O4 - HKCU\..\Run: [<frame id="index_frame" src="http://real-yellow-p...php?aid=120038" onload="hide_frame(] c:\WINDOWS\System32\<frame id="index_frame" src="http://real-yellow-p...php?aid=120038" onload="hide_frame();">
O4 - HKCU\..\Run: [<frame id="ac_frame" src="http://superbookmark...ounter/start.p] c:\WINDOWS\System32\<frame id="ac_frame" src="http://superbookmark...ter/start.php">
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [regsrv32.exe] regsrv32.exe
O4 - HKCU\..\Run: [var elt=new Arra] c:\WINDOWS\System32\var elt=new Array();
O4 - HKCU\..\Run: [var elt] c:\WINDOWS\System32\var elti=0;
O4 - HKCU\..\Run: [A:hov] c:\WINDOWS\System32\A:hover {
O4 - HKCU\..\Run: [ TEXT-DECORATION:UNDER] c:\WINDOWS\System32\ TEXT-DECORATION:UNDERLINE
O4 - HKCU\..\Run: [A.geo_pa] c:\WINDOWS\System32\A.geo_part {
O4 - HKCU\..\Run: [ COLOR: #d0] c:\WINDOWS\System32\ COLOR: #d0920b
O4 - HKCU\..\Run: [A.geo_part:hov] c:\WINDOWS\System32\A.geo_part:hover {
O4 - HKCU\..\Run: [ COLOR: #98] c:\WINDOWS\System32\ COLOR: #98009b
O4 - HKCU\..\Run: [#site_d] c:\WINDOWS\System32\#site_desc2
O4 - HKCU\..\Run: [ MARGIN-LEFT: ] c:\WINDOWS\System32\ MARGIN-LEFT: 2px;
O4 - HKCU\..\Run: [ MARGIN-RIGHT: ] c:\WINDOWS\System32\ MARGIN-RIGHT: 1px;
O4 - HKCU\..\Run: [ MARGIN-TOP: 1] c:\WINDOWS\System32\ MARGIN-TOP: 10px;
O4 - HKCU\..\Run: [ MARGIN-BOTTOM: 1] c:\WINDOWS\System32\ MARGIN-BOTTOM: 14px;
O4 - HKCU\..\Run: [ FONT-WEIGHT:nor] c:\WINDOWS\System32\ FONT-WEIGHT:normal;
O4 - HKCU\..\Run: [ FONT-FAMILY:Verdana, Arial, Helvetica, sans-se] c:\WINDOWS\System32\ FONT-FAMILY:Verdana, Arial, Helvetica, sans-serif;
O4 - HKCU\..\Run: [ FONT-SIZE:1] c:\WINDOWS\System32\ FONT-SIZE:13px;
O4 - HKCU\..\Run: [ COLOR: #730] c:\WINDOWS\System32\ COLOR: #7308fa;
O4 - HKCU\..\Run: [ MARGIN-LEFT: 1] c:\WINDOWS\System32\ MARGIN-LEFT: 13px;
O4 - HKCU\..\Run: [ MARGIN-BOTTOM: ] c:\WINDOWS\System32\ MARGIN-BOTTOM: 8px;
O4 - HKCU\..\Run: [ FONT-FAMILY:Arial, Helvetica, sans-se] c:\WINDOWS\System32\ FONT-FAMILY:Arial, Helvetica, sans-serif;
O4 - HKCU\..\Run: [ COLOR: #6e9] c:\WINDOWS\System32\ COLOR: #6e9263;
O4 - HKCU\..\Run: [ FONT-WEIGHT: nor] c:\WINDOWS\System32\ FONT-WEIGHT: normal;
O4 - HKCU\..\Run: [ WIDTH: 4] c:\WINDOWS\System32\ WIDTH: 40px;
O4 - HKCU\..\Run: [ HEIGHT: 2] c:\WINDOWS\System32\ HEIGHT: 22px;
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: 6d8] c:\WINDOWS\System32\ BACKGROUND-COLOR: 6d876b;
O4 - HKCU\..\Run: [ text-align:le] c:\WINDOWS\System32\ text-align:left ;
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: 30] c:\WINDOWS\System32\ BACKGROUND-COLOR: 307f8a
O4 - HKCU\..\Run: [ PADDING-RIGHT: ] c:\WINDOWS\System32\ PADDING-RIGHT: 4px;
O4 - HKCU\..\Run: [ PADDING-LEFT: ] c:\WINDOWS\System32\ PADDING-LEFT: 2px;
O4 - HKCU\..\Run: [ PADDING-BOTTOM: ] c:\WINDOWS\System32\ PADDING-BOTTOM: 6px;
O4 - HKCU\..\Run: [ PADDING-TOP: ] c:\WINDOWS\System32\ PADDING-TOP: 7px;
O4 - HKCU\..\Run: [ COLOR: #d7f] c:\WINDOWS\System32\ COLOR: #d7f64d;
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: #850] c:\WINDOWS\System32\ BACKGROUND-COLOR: #850fe0;
O4 - HKCU\..\Run: [ BORDER: #c46a37 2px dot] c:\WINDOWS\System32\ BORDER: #c46a37 2px dotted;
O4 - HKCU\..\Run: [ COLOR: #729] c:\WINDOWS\System32\ COLOR: #729502;
O4 - HKCU\..\Run: [ TEXT-DECORATION: UNDERL] c:\WINDOWS\System32\ TEXT-DECORATION: UNDERLINE;
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: #1e5] c:\WINDOWS\System32\ BACKGROUND-COLOR: #1e5362;
O4 - HKCU\..\Run: [ TEXT-DECORATION: N] c:\WINDOWS\System32\ TEXT-DECORATION: NONE;
O4 - HKCU\..\Run: [TD.regi] c:\WINDOWS\System32\TD.region A
O4 - HKCU\..\Run: [ FONT-WEIGHT:b] c:\WINDOWS\System32\ FONT-WEIGHT:bold;
O4 - HKCU\..\Run: [ COLOR: #436] c:\WINDOWS\System32\ COLOR: #4363fb;
O4 - HKCU\..\Run: [TD.region A:h] c:\WINDOWS\System32\TD.region A:hover
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: #259] c:\WINDOWS\System32\ BACKGROUND-COLOR: #259aff;
O4 - HKCU\..\Run: [ PADDING: 1] c:\WINDOWS\System32\ PADDING: 12px;
O4 - HKCU\..\Run: [ MARGIN: ] c:\WINDOWS\System32\ MARGIN: 5px;
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: 426] c:\WINDOWS\System32\ BACKGROUND-COLOR: 426007;
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: #31d] c:\WINDOWS\System32\ BACKGROUND-COLOR: #31d50f;
O4 - HKCU\..\Run: [ VERTICAL-ALIGN: ] c:\WINDOWS\System32\ VERTICAL-ALIGN: top;
O4 - HKCU\..\Run: [ WIDTH: ] c:\WINDOWS\System32\ WIDTH: 77%;
O4 - HKCU\..\Run: [ COLOR: #c9a] c:\WINDOWS\System32\ COLOR: #c9abab;
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: #cd3] c:\WINDOWS\System32\ BACKGROUND-COLOR: #cd3cc9;
O4 - HKCU\..\Run: [ TEXT-ALIGN: bot] c:\WINDOWS\System32\ TEXT-ALIGN: bottom;
O4 - HKCU\..\Run: [ HEIGHT: 3] c:\WINDOWS\System32\ HEIGHT: 31px;
O4 - HKCU\..\Run: [#regcat_t] c:\WINDOWS\System32\#regcat_table
O4 - HKCU\..\Run: [ TEXT-ALIGN: cen] c:\WINDOWS\System32\ TEXT-ALIGN: center;
O4 - HKCU\..\Run: [ WIDTH:] c:\WINDOWS\System32\ WIDTH: 6%;
O4 - HKCU\..\Run: [#td] c:\WINDOWS\System32\#td_geo
O4 - HKCU\..\Run: [ WORD-SPACING: 0.0] c:\WINDOWS\System32\ WORD-SPACING: 0.05em;
O4 - HKCU\..\Run: [ COLOR: #ee6] c:\WINDOWS\System32\ COLOR: #ee6090;
O4 - HKCU\..\Run: [ BACKGROUND-COLOR: #de2] c:\WINDOWS\System32\ BACKGROUND-COLOR: #de2e64;
O4 - HKCU\..\Run: [ COLOR: #c15] c:\WINDOWS\System32\ COLOR: #c15322;
O4 - HKCU\..\Run: [ COLOR: #cdd] c:\WINDOWS\System32\ COLOR: #cddf08;
O4 - HKCU\..\Run: [#t] c:\WINDOWS\System32\#td_pl
O4 - HKCU\..\Run: [var ] c:\WINDOWS\System32\var aid;
O4 - HKCU\..\Run: [var index_id = ] c:\WINDOWS\System32\var index_id = '2';
O4 - HKCU\..\Run: [var col_i ] c:\WINDOWS\System32\var col_i = 0;
O4 - HKCU\..\Run: [var max_col ] c:\WINDOWS\System32\var max_col = 4;
O4 - HKCU\..\Run: [var oCats] c:\WINDOWS\System32\var oCatsRow;
O4 - HKCU\..\Run: [var oRegTable = n] c:\WINDOWS\System32\var oRegTable = null;
O4 - HKCU\..\Run: [var new_col_flag = fa] c:\WINDOWS\System32\var new_col_flag = false;
O4 - HKCU\..\Run: [var first_geo_part = t] c:\WINDOWS\System32\var first_geo_part = true;
O4 - HKCU\..\Run: [var first_geo = t] c:\WINDOWS\System32\var first_geo = true;
O4 - HKCU\..\Run: [function add_region(region,] c:\WINDOWS\System32\function add_region(region, sc)
O4 - HKCU\..\Run: [ var oRegCarTa] c:\WINDOWS\System32\ var oRegCarTable;
O4 - HKCU\..\Run: [ var oC] c:\WINDOWS\System32\ var oCell;
O4 - HKCU\..\Run: [ var o] c:\WINDOWS\System32\ var oRow;
O4 - HKCU\..\Run: [ showedcat =] c:\WINDOWS\System32\ showedcat = sc;
O4 - HKCU\..\Run: [ oRegCarTable = document.getElementById('regcat_tabl] c:\WINDOWS\System32\ oRegCarTable = document.getElementById('regcat_table');
O4 - HKCU\..\Run: [ col_i ] c:\WINDOWS\System32\ col_i = 0;
O4 - HKCU\..\Run: [ if(col_i =] c:\WINDOWS\System32\ if(col_i == 0)
O4 - HKCU\..\Run: [ oCatsRow = oRegCarTable.insertRow(oRegCarTable.rows.leng] c:\WINDOWS\System32\ oCatsRow = oRegCarTable.insertRow(oRegCarTable.rows.length);
O4 - HKCU\..\Run: [ oCell = oCatsRow.insertCell] c:\WINDOWS\System32\ oCell = oCatsRow.insertCell(0);
O4 - HKCU\..\Run: [ oCell.className = 'regi] c:\WINDOWS\System32\ oCell.className = 'region';
O4 - HKCU\..\Run: [ oRegTable.width='10] c:\WINDOWS\System32\ oRegTable.width='100%';
O4 - HKCU\..\Run: [ oRegTable.cellPaddin] c:\WINDOWS\System32\ oRegTable.cellPadding=0;
O4 - HKCU\..\Run: [ oRegTable.cellSpacin] c:\WINDOWS\System32\ oRegTable.cellSpacing=0;
O4 - HKCU\..\Run: [ oRow = oRegTable.insertRow] c:\WINDOWS\System32\ oRow = oRegTable.insertRow(1);
O4 - HKCU\..\Run: [ oCell = oRow.insertCell] c:\WINDOWS\System32\ oCell = oRow.insertCell(1);
O4 - HKCU\..\Run: [ oCell.colSpan ] c:\WINDOWS\System32\ oCell.colSpan = 2;
O4 - HKCU\..\Run: [ oCell.className = 'region_na] c:\WINDOWS\System32\ oCell.className = 'region_name';
O4 - HKCU\..\Run: [ oTextNode = document.createTextNode(regi] c:\WINDOWS\System32\ oTextNode = document.createTextNode(region);
O4 - HKCU\..\Run: [ oCell.appendChild(oTextNo] c:\WINDOWS\System32\ oCell.appendChild(oTextNode);
O4 - HKCU\..\Run: [ col_] c:\WINDOWS\System32\ col_i++;
O4 - HKCU\..\Run: [function add_category(category, mu] c:\WINDOWS\System32\function add_category(category, mulks)
O4 - HKCU\..\Run: [ var oAnc] c:\WINDOWS\System32\ var oAnchor;
O4 - HKCU\..\Run: [ var oTextN] c:\WINDOWS\System32\ var oTextNode;
O4 - HKCU\..\Run: [ var oS] c:\WINDOWS\System32\ var oSpan;
O4 - HKCU\..\Run: [ oRow = oRegTable.insertRow(oRegTable.rows.leng] c:\WINDOWS\System32\ oRow = oRegTable.insertRow(oRegTable.rows.length);
O4 - HKCU\..\Run: [ elt[elti].width =] c:\WINDOWS\System32\ elt[elti].width = 30;
O4 - HKCU\..\Run: [ elt[elti].height =] c:\WINDOWS\System32\ elt[elti].height = 15;
O4 - HKCU\..\Run: [ oImg = oCell.appendChild(elt[elt] c:\WINDOWS\System32\ oImg = oCell.appendChild(elt[elti]);
O4 - HKCU\..\Run: [ elt] c:\WINDOWS\System32\ elti++;
O4 - HKCU\..\Run: [ ] c:\WINDOWS\System32\ else
O4 - HKCU\..\Run: [ oImg.appendChild(oTextNo] c:\WINDOWS\System32\ oImg.appendChild(oTextNode);
O4 - HKCU\..\Run: [ oImg.className = 'Mul] c:\WINDOWS\System32\ oImg.className = 'Mulka';
O4 - HKCU\..\Run: [ oTextNode = document.createTextNode(catego] c:\WINDOWS\System32\ oTextNode = document.createTextNode(category);
O4 - HKCU\..\Run: [ oAnchor.appendChild(oTextNo] c:\WINDOWS\System32\ oAnchor.appendChild(oTextNode);
O4 - HKCU\..\Run: [ oAnchor.className = 'catego] c:\WINDOWS\System32\ oAnchor.className = 'category';
O4 - HKCU\..\Run: [function add_pl(categ] c:\WINDOWS\System32\function add_pl(category)
O4 - HKCU\..\Run: [function add_geo(] c:\WINDOWS\System32\function add_geo(geo)
O4 - HKCU\..\Run: [ if(!first_] c:\WINDOWS\System32\ if(!first_geo)
O4 - HKCU\..\Run: [ oTextNode = document.createTextNode(g] c:\WINDOWS\System32\ oTextNode = document.createTextNode(geo);
O4 - HKCU\..\Run: [ first_geo = fa] c:\WINDOWS\System32\ first_geo = false;
O4 - HKCU\..\Run: [function add_geo_part(p] c:\WINDOWS\System32\function add_geo_part(part)
O4 - HKCU\..\Run: [ if(!first_geo_p] c:\WINDOWS\System32\ if(!first_geo_part)
O4 - HKCU\..\Run: [ oTextNode = document.createTextNode(pa] c:\WINDOWS\System32\ oTextNode = document.createTextNode(part);
O4 - HKCU\..\Run: [ td_geo.appendChild(oTextNo] c:\WINDOWS\System32\ td_geo.appendChild(oTextNode);
O4 - HKCU\..\Run: [ first_geo_part = fa] c:\WINDOWS\System32\ first_geo_part = false;
O4 - HKCU\..\Run: [ first_geo = t] c:\WINDOWS\System32\ first_geo = true;
O4 - HKCU\..\Run: [function set_aid(my_] c:\WINDOWS\System32\function set_aid(my_aid)
O4 - HKCU\..\Run: [ aid = my_] c:\WINDOWS\System32\ aid = my_aid;
O4 - HKCU\..\Run: [function set_searchurl] c:\WINDOWS\System32\function set_searchurl(su)
O4 - HKCU\..\Run: [ searchurl =] c:\WINDOWS\System32\ searchurl = su;
O4 - HKCU\..\Run: [function contact] c:\WINDOWS\System32\function contactus()
O4 - HKCU\..\Run: [ w = win] c:\WINDOWS\System32\ w = window;
O4 - HKCU\..\Run: [ w.document.ope] c:\WINDOWS\System32\ w.document.open();
O4 - HKCU\..\Run: [ w.document.clos] c:\WINDOWS\System32\ w.document.close();
O4 - HKCU\..\Run: [function in] c:\WINDOWS\System32\function init()
O4 - HKCU\..\Run: [add_category('Single girls', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Single girls', imgMulkaHot.src);
O4 - HKCU\..\Run: [add_category('Personal Ads', ] c:\WINDOWS\System32\add_category('Personal Ads', '');
O4 - HKCU\..\Run: [add_category('Personals', ] c:\WINDOWS\System32\add_category('Personals', '');
O4 - HKCU\..\Run: [add_category('Dating', ] c:\WINDOWS\System32\add_category('Dating', '');
O4 - HKCU\..\Run: [add_category('Relationships', ] c:\WINDOWS\System32\add_category('Relationships', '');
O4 - HKCU\..\Run: [add_category('Wedding', ] c:\WINDOWS\System32\add_category('Wedding', '');
O4 - HKCU\..\Run: [add_category('Viagra', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Viagra', imgMulkaHot.src);
O4 - HKCU\..\Run: [add_category('Phentermine', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Phentermine', imgMulkaHot.src);
O4 - HKCU\..\Run: [add_category('Xenical', ] c:\WINDOWS\System32\add_category('Xenical', '');
O4 - HKCU\..\Run: [add_category('Prozac', ] c:\WINDOWS\System32\add_category('Prozac', '');
O4 - HKCU\..\Run: [add_category('Valtrex', ] c:\WINDOWS\System32\add_category('Valtrex', '');
O4 - HKCU\..\Run: [add_category('Zyban', ] c:\WINDOWS\System32\add_category('Zyban', '');
O4 - HKCU\..\Run: [add_category('New cars', imgMulkaHot.s] c:\WINDOWS\System32\add_category('New cars', imgMulkaHot.src);
O4 - HKCU\..\Run: [add_category('Autos', ] c:\WINDOWS\System32\add_category('Autos', '');
O4 - HKCU\..\Run: [add_category('Auto prices', ] c:\WINDOWS\

Edited by _VinniE^VegaS_, 12 July 2004 - 02:53 PM.


#2 _VinniE^VegaS_

_VinniE^VegaS_

    Member

  • New Member
  • Pip
  • 3 posts

Posted 12 July 2004 - 02:55 PM

My Log is so big its being cut off

#3 _VinniE^VegaS_

_VinniE^VegaS_

    Member

  • New Member
  • Pip
  • 3 posts

Posted 12 July 2004 - 03:00 PM

Heres the rest...



O4 - HKCU\..\Run: [add_category('Card Games', ] c:\WINDOWS\System32\add_category('Card Games', '');
O4 - HKCU\..\Run: [add_category('Table Games', ] c:\WINDOWS\System32\add_category('Table Games', '');
O4 - HKCU\..\Run: [add_category('Casinos', ] c:\WINDOWS\System32\add_category('Casinos', '');
O4 - HKCU\..\Run: [add_category('Roulette', ] c:\WINDOWS\System32\add_category('Roulette', '');
O4 - HKCU\..\Run: [add_category('Gamble', ] c:\WINDOWS\System32\add_category('Gamble', '');
O4 - HKCU\..\Run: [add_category('Gaming', ] c:\WINDOWS\System32\add_category('Gaming', '');
O4 - HKCU\..\Run: [add_category('Wagering', ] c:\WINDOWS\System32\add_category('Wagering', '');
O4 - HKCU\..\Run: [add_category('Auto insurance', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Auto insurance', imgMulkaHot.src);
O4 - HKCU\..\Run: [add_category('Health insurance', ] c:\WINDOWS\System32\add_category('Health insurance', '');
O4 - HKCU\..\Run: [add_category('Life insurance', ] c:\WINDOWS\System32\add_category('Life insurance', '');
O4 - HKCU\..\Run: [add_category('Home insurance', ] c:\WINDOWS\System32\add_category('Home insurance', '');
O4 - HKCU\..\Run: [add_category('Business insurance', ] c:\WINDOWS\System32\add_category('Business insurance', '');
O4 - HKCU\..\Run: [add_category('Travel insurance', ] c:\WINDOWS\System32\add_category('Travel insurance', '');
O4 - HKCU\..\Run: [add_category('Home equity loan', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Home equity loan', imgMulkaHot.src);
O4 - HKCU\..\Run: [add_category('Moving companies', ] c:\WINDOWS\System32\add_category('Moving companies', '');
O4 - HKCU\..\Run: [add_category('Home Buying', ] c:\WINDOWS\System32\add_category('Home Buying', '');
O4 - HKCU\..\Run: [add_category('Bad Credit', ] c:\WINDOWS\System32\add_category('Bad Credit', '');
O4 - HKCU\..\Run: [add_category('Home loan', ] c:\WINDOWS\System32\add_category('Home loan', '');
O4 - HKCU\..\Run: [add_category('Home Improvement', ] c:\WINDOWS\System32\add_category('Home Improvement', '');
O4 - HKCU\..\Run: [add_category('Air travel', imgMulkaHot.s] c:\WINDOWS\System32\add_category('Air travel', imgMulkaHot.src);
O4 - HKCU\..\Run: [add_category('Las Vegas hotels', ] c:\WINDOWS\System32\add_category('Las Vegas hotels', '');
O4 - HKCU\..\Run: [add_category('Cheap hotels', ] c:\WINDOWS\System32\add_category('Cheap hotels', '');
O4 - HKCU\..\Run: [add_category('Cheap travel', ] c:\WINDOWS\System32\add_category('Cheap travel', '');
O4 - HKCU\..\Run: [add_category('Celebrity cruises', ] c:\WINDOWS\System32\add_category('Celebrity cruises', '');
O4 - HKCU\..\Run: [add_category('International travel', ] c:\WINDOWS\System32\add_category('International travel', '');
O4 - HKCU\..\Run: [add_category('Hawaii travel', ] c:\WINDOWS\System32\add_category('Hawaii travel', '');
O4 - HKCU\..\Run: [add_category('Travel Agents', ] c:\WINDOWS\System32\add_category('Travel Agents', '');
O4 - HKCU\..\Run: [add_category('Employment', ] c:\WINDOWS\System32\add_category('Employment', '');
O4 - HKCU\..\Run: [add_category('Work from home', ] c:\WINDOWS\System32\add_category('Work from home', '');
O4 - HKCU\..\Run: [add_category('Careers', ] c:\WINDOWS\System32\add_category('Careers', '');
O4 - HKCU\..\Run: [add_category('Human resources', ] c:\WINDOWS\System32\add_category('Human resources', '');
O4 - HKCU\..\Run: [add_category('Resume Services', ] c:\WINDOWS\System32\add_category('Resume Services', '');
O4 - HKCU\..\Run: [add_category('Refinance', ] c:\WINDOWS\System32\add_category('Refinance', '');
O4 - HKCU\..\Run: [add_category('Mortgages', ] c:\WINDOWS\System32\add_category('Mortgages', '');
O4 - HKCU\..\Run: [add_category('Loan', ] c:\WINDOWS\System32\add_category('Loan', '');
O4 - HKCU\..\Run: [add_category('Household Finance', ] c:\WINDOWS\System32\add_category('Household Finance', '');
O4 - HKCU\..\Run: [add_category('Lawyer', ] c:\WINDOWS\System32\add_category('Lawyer', '');
O4 - HKCU\..\Run: [add_category('Payroll', ] c:\WINDOWS\System32\add_category('Payroll', '');
O4 - HKCU\..\Run: [add_category('Laptops', ] c:\WINDOWS\System32\add_category('Laptops', '');
O4 - HKCU\..\Run: [add_category('Internet', ] c:\WINDOWS\System32\add_category('Internet', '');
O4 - HKCU\..\Run: [add_category('Computers', ] c:\WINDOWS\System32\add_category('Computers', '');
O4 - HKCU\..\Run: [add_category('Network Software', ] c:\WINDOWS\System32\add_category('Network Software', '');
O4 - HKCU\..\Run: [add_category('Mobile Computing', ] c:\WINDOWS\System32\add_category('Mobile Computing', '');
O4 - HKCU\..\Run: [add_category('Online Shopping', ] c:\WINDOWS\System32\add_category('Online Shopping', '');
O4 - HKCU\..\Run: [add_category('Tobacco', ] c:\WINDOWS\System32\add_category('Tobacco', '');
O4 - HKCU\..\Run: [add_category('Jewelry', ] c:\WINDOWS\System32\add_category('Jewelry', '');
O4 - HKCU\..\Run: [add_category('Flowers', ] c:\WINDOWS\System32\add_category('Flowers', '');
O4 - HKCU\..\Run: [add_category('Gifts', ] c:\WINDOWS\System32\add_category('Gifts', '');
O4 - HKCU\..\Run: [add_category('Weddings', ] c:\WINDOWS\System32\add_category('Weddings', '');
O4 - HKCU\..\Run: [add_category('University', ] c:\WINDOWS\System32\add_category('University', '');
O4 - HKCU\..\Run: [add_category('Distance Learning', ] c:\WINDOWS\System32\add_category('Distance Learning', '');
O4 - HKCU\..\Run: [add_category('College', ] c:\WINDOWS\System32\add_category('College', '');
O4 - HKCU\..\Run: [add_category('Distance education', ] c:\WINDOWS\System32\add_category('Distance education', '');
O4 - HKCU\..\Run: [add_category('Education', ] c:\WINDOWS\System32\add_category('Education', '');
O4 - HKCU\..\Run: [add_category('Reading', ] c:\WINDOWS\System32\add_category('Reading', '');
O4 - HKCU\..\Run: [add_category('Credit card Debt', ] c:\WINDOWS\System32\add_category('Credit card Debt', '');
O4 - HKCU\..\Run: [add_category('Consolidate Debt', ] c:\WINDOWS\System32\add_category('Consolidate Debt', '');
O4 - HKCU\..\Run: [add_category('Tax Preparation', ] c:\WINDOWS\System32\add_category('Tax Preparation', '');
O4 - HKCU\..\Run: [add_category('Debt Relief', ] c:\WINDOWS\System32\add_category('Debt Relief', '');
O4 - HKCU\..\Run: [add_category('Money Management', ] c:\WINDOWS\System32\add_category('Money Management', '');
O4 - HKCU\..\Run: [add_category('Investing', ] c:\WINDOWS\System32\add_category('Investing', '');
O4 - HKCU\..\Run: [add_category('Insurance', ] c:\WINDOWS\System32\add_category('Insurance', '');
O4 - HKCU\..\Run: [add_category('Estate Planning', ] c:\WINDOWS\System32\add_category('Estate Planning', '');
O4 - HKCU\..\Run: [add_category('Retirement', ] c:\WINDOWS\System32\add_category('Retirement', '');
O4 - HKCU\..\Run: [add_category('Debt solution', ] c:\WINDOWS\System32\add_category('Debt solution', '');
O4 - HKCU\..\Run: [add_category('Weight Loss', ] c:\WINDOWS\System32\add_category('Weight Loss', '');
O4 - HKCU\..\Run: [add_category('Hair loss', ] c:\WINDOWS\System32\add_category('Hair loss', '');
O4 - HKCU\..\Run: [add_category('Pharmacy', ] c:\WINDOWS\System32\add_category('Pharmacy', '');
O4 - HKCU\..\Run: [add_category('Nursing', ] c:\WINDOWS\System32\add_category('Nursing', '');
O4 - HKCU\..\Run: [add_category('Adipex', ] c:\WINDOWS\System32\add_category('Adipex', '');
O4 - HKCU\..\Run: [add_category('Phentermine online', ] c:\WINDOWS\System32\add_category('Phentermine online', '');
O4 - HKCU\..\Run: [add_category('Diet', ] c:\WINDOWS\System32\add_category('Diet', '');
O4 - HKCU\..\Run: [add_category('Meridia', ] c:\WINDOWS\System32\add_category('Meridia', '');
O4 - HKCU\..\Run: [add_category('Buy xenical', ] c:\WINDOWS\System32\add_category('Buy xenical', '');
O4 - HKCU\..\Run: [add_category('Real Estate', ] c:\WINDOWS\System32\add_category('Real Estate', '');
O4 - HKCU\..\Run: [add_category('Project Management', ] c:\WINDOWS\System32\add_category('Project Management', '');
O4 - HKCU\..\Run: [add_category('Information Technology', ] c:\WINDOWS\System32\add_category('Information Technology', '');
O4 - HKCU\..\Run: [add_category('Accounting', ] c:\WINDOWS\System32\add_category('Accounting', '');
O4 - HKCU\..\Run: [add_category('Marketing', ] c:\WINDOWS\System32\add_category('Marketing', '');
O4 - HKCU\..\Run: [add_category('Financial Services', ] c:\WINDOWS\System32\add_category('Financial Services', '');
O4 - HKCU\..\Run: [add_category('Training', ] c:\WINDOWS\System32\add_category('Training', '');
O4 - HKCU\..\Run: [add_category('Advertising', ] c:\WINDOWS\System32\add_category('Advertising', '');
O4 - HKCU\..\Run: [add_pl('Auto Insuranc] c:\WINDOWS\System32\add_pl('Auto Insurance');
O4 - HKCU\..\Run: [add_pl('Air Trave] c:\WINDOWS\System32\add_pl('Air Travel');
O4 - HKCU\..\Run: [add_pl('Breast Enlargemen] c:\WINDOWS\System32\add_pl('Breast Enlargement');
O4 - HKCU\..\Run: [add_pl('Black Jac] c:\WINDOWS\System32\add_pl('Black Jack');
O4 - HKCU\..\Run: [add_pl('Cheap Hotel] c:\WINDOWS\System32\add_pl('Cheap Hotels');
O4 - HKCU\..\Run: [add_pl('New Car] c:\WINDOWS\System32\add_pl('New Cars');
O4 - HKCU\..\Run: [add_pl('Auto Price] c:\WINDOWS\System32\add_pl('Auto Prices');
O4 - HKCU\..\Run: [add_pl('Baseball Bettin] c:\WINDOWS\System32\add_pl('Baseball Betting');
O4 - HKCU\..\Run: [add_pl('Car Audi] c:\WINDOWS\System32\add_pl('Car Audio');
O4 - HKCU\..\Run: [add_pl('Used Car] c:\WINDOWS\System32\add_pl('Used Cars');
O4 - HKCU\..\Run: [add_pl('Cosmetic Surger] c:\WINDOWS\System32\add_pl('Cosmetic Surgery');
O4 - HKCU\..\Run: [add_pl('Antivirus Softwar] c:\WINDOWS\System32\add_pl('Antivirus Software');
O4 - HKCU\..\Run: [add_pl('Fine Ar] c:\WINDOWS\System32\add_pl('Fine Art');
O4 - HKCU\..\Run: [add_pl('Herbal Viagr] c:\WINDOWS\System32\add_pl('Herbal Viagra');
O4 - HKCU\..\Run: [add_geo_part('Asia Pacifi] c:\WINDOWS\System32\add_geo_part('Asia Pacific');
O4 - HKCU\..\Run: [add_geo('New Zealan] c:\WINDOWS\System32\add_geo('New Zealand');
O4 - HKCU\..\Run: [add_geo('Hong Kon] c:\WINDOWS\System32\add_geo('Hong Kong');
O4 - HKCU\..\Run: [add_geo_part('USA Citie] c:\WINDOWS\System32\add_geo_part('USA Cities');
O4 - HKCU\..\Run: [add_geo('SF Ba] c:\WINDOWS\System32\add_geo('SF Bay');
O4 - HKCU\..\Run: [add_geo('Washington D] c:\WINDOWS\System32\add_geo('Washington DC');
O4 - HKCU\..\Run: [var html_tag = document.getElementById('html_ta] c:\WINDOWS\System32\var html_tag = document.getElementById('html_tag');
O4 - HKCU\..\Run: [document.body.style.display = 'blo] c:\WINDOWS\System32\document.body.style.display = 'block';
O4 - HKCU\..\Run: [ipwin = open('', 'ipwin', 'top=200, left=200, height=300, width=400, channelmode=0, directories=0, location=0, menubar=0, status=0, titlebar=0, toolbar=] c:\WINDOWS\System32\ipwin = open('', 'ipwin', 'top=200, left=200, height=300, width=400, channelmode=0, directories=0, location=0, menubar=0, status=0, titlebar=0, toolbar=0');
O4 - HKCU\..\Run: [WNST] C:\WINDOWS\System32\wnsapitr.exe
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: &Search - http://bar.mywebsear...html?p=ZNxdm960
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.co...etup1.0.0.8.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://sodddm04.ext...com/iNotes6.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Filter: text/html - {672B3ABA-67ED-4BCC-93BC-C67616621595} - C:\WINDOWS\System32\imm.dll
O18 - Filter: text/plain - {672B3ABA-67ED-4BCC-93BC-C67616621595} - C:\WINDOWS\System32\imm.dll




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button