Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop Ups All The Time! Please Help Us.


  • This topic is locked This topic is locked
9 replies to this topic

#1 chippie72

chippie72

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:11 PM

Posted 16 August 2007 - 08:59 PM

I was really surprised to find this site and it is amazing that there are still people out there willing/trying to help others. I have the same problem that many here have posted. Annoying pop ups telling me people are spying on my computer etc. My home page was taken over by some stupid site selling anti virus software and I couldn’t reset it. I did everything that was asked for in the instructions here to run a hijackthis report. My wife and I use this computer at home and since she works from home, this is all we have. Any help would be greatly appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:46:42 PM, on 8/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\FSI\F-Prot\fpavupdm.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\TwinMOS\Mobile Disk V3.0\MobMon.exe
C:\Program Files\TwinMOS\Mobile Disk V3.0\UsbTD.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\FSI\F-Prot\F-Sched.exe
C:\Program Files\FSI\F-Prot\F-StopW.EXE
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {34E6F97C-34E0-4CE5-B92B-F83634BEDC01} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [UFD Monitor] C:\Program Files\TwinMOS\Mobile Disk V3.0\MobMon.exe
O4 - HKLM\..\Run: [UFD Utility] C:\Program Files\TwinMOS\Mobile Disk V3.0\UsbTD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Program Files\FSI\F-Prot\F-Sched.exe STARTUP
O4 - HKLM\..\Run: [F-StopW] C:\Program Files\FSI\F-Prot\F-StopW.EXE
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O18 - Protocol: bw+0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: clinker - {a4029063-4fe3-422c-ac72-12905c09642a} - C:\WINDOWS\system32\xtsyynm.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: F-Prot Antivirus Update Monitor - FRISK Software - C:\Program Files\FSI\F-Prot\fpavupdm.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

--
End of file - 20005 bytes

BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 17 August 2007 - 05:54 AM

Welcome to the BleepingComputer HijackThis Logs and Analysis forum chippie72 :thumbsup:
My name is Richie and i'll be helping you to fix your problems.

Download SmitfraudFix (by S!Ri),to your desktop.
Reboot your computer into SAFE MODE using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Double click on Smitfraudfix.cmd
Select #2 and hit Enter to delete the infected files.
You will be prompted: 'Do you want to clean the registry?' answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): 'Replace infected file ?' answer Y (yes) and hit Enter to restore a clean file.
A reboot may be needed to finish the cleaning process.
The report can be found at the root of the system drive, usually at C:\rapport.txt

Post the smitfraudfix report into your next reply.

--------------------------------------------------

Download Combofix and save to your desktop:
Note:
It is important that it is saved directly to your desktop

Close any open browsers.
Double click on combofix.exe and follow the prompts.
When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.
Note:
Do not mouseclick combofix's window while it's running.
That may cause the program to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.

Also post a new Hijackthis log please.
Posted Image
Posted Image

#3 chippie72

chippie72
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:11 PM

Posted 17 August 2007 - 09:58 PM

Richie - thank you so much for your time and help!

SmitFraudFix v2.212

Scan done at 21:55:32.43, Fri 08/17/2007
Run from C:\Documents and Settings\Shannon\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{a4029063-4fe3-422c-ac72-12905c09642a}"="clinker"

[HKEY_CLASSES_ROOT\CLSID\{a4029063-4fe3-422c-ac72-12905c09642a}\InProcServer32]
@="C:\WINDOWS\system32\xtsyynm.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{a4029063-4fe3-422c-ac72-12905c09642a}\InProcServer32]
@="C:\WINDOWS\system32\xtsyynm.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

C:\WINDOWS\system32\xtsyynm.dll -> Hoax.Win32.Renos.gen.o
C:\WINDOWS\system32\xtsyynm.dll -> Deleted


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{C9D4CF9A-32D2-4378-AB37-DD0258F21EDF}: DhcpNameServer=68.87.68.162 68.87.74.162
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C9D4CF9A-32D2-4378-AB37-DD0258F21EDF}: DhcpNameServer=68.87.68.162 68.87.74.162
HKLM\SYSTEM\CS3\Services\Tcpip\..\{C9D4CF9A-32D2-4378-AB37-DD0258F21EDF}: DhcpNameServer=68.87.68.162 68.87.74.162
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.68.162 68.87.74.162
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.68.162 68.87.74.162
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=68.87.68.162 68.87.74.162


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End




ComboFix 07-08-17.2 - "Shannon" 2007-08-17 22:22:00.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.42 [GMT -4:00]
* Created a new restore point


((((((((((((((((((((((((( Files Created from 2007-07-18 to 2007-08-18 )))))))))))))))))))))))))))))))


2007-08-17 22:18 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-17 21:55 3,816 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2007-08-17 21:48 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-08-17 21:48 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
2007-08-17 21:48 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Jasc Software Inc
2007-08-17 21:39 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2007-08-17 21:39 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2007-08-17 21:39 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2007-08-16 21:45 <DIR> d-------- C:\Program Files\Trend Micro
2007-08-15 23:45 60,496 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\Teefer.sys
2007-08-15 23:45 21,075 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\wpsdrvnt.sys
2007-08-15 23:45 14,568 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\wg6n.sys
2007-08-15 23:45 14,568 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\wg5n.sys
2007-08-15 23:45 14,568 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\wg4n.sys
2007-08-15 23:45 14,568 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\wg3n.sys
2007-08-15 23:42 83,096 --a------ C:\WINDOWS\SYSTEM32\SSSensor.dll
2007-08-15 23:39 <DIR> d-------- C:\Program Files\Sygate
2007-08-13 23:17 <DIR> d-------- C:\Program Files\SonicWallES
2007-08-13 16:59 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-13 16:26 <DIR> d-------- C:\Program Files\Lavasoft
2007-08-13 16:26 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-08-13 16:22 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-12 13:58 512 --a------ C:\ScanSectorLog.dat
2007-08-12 12:52 <DIR> d-------- C:\DOCUME~1\Shannon\APPLIC~1\MailFrontier
2007-08-12 12:23 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
2007-08-12 12:21 4,212 ---h----- C:\WINDOWS\SYSTEM32\zllictbl.dat
2007-08-12 12:20 75,932 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\klick.dat
2007-08-12 12:20 75,248 --a------ C:\WINDOWS\zllsputility.exe
2007-08-12 12:20 74,396 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\klin.dat
2007-08-12 12:20 11,264 --a------ C:\WINDOWS\SYSTEM32\SpOrder.dll
2007-08-12 12:18 2,903,072 --ahs---- C:\WINDOWS\SYSTEM32\DRIVERS\fidbox.dat
2007-08-12 12:14 110,360 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\kl1.sys
2007-08-12 12:13 1,086,952 --a------ C:\WINDOWS\SYSTEM32\zpeng24.dll
2007-08-12 12:13 <DIR> d-------- C:\WINDOWS\SYSTEM32\ZoneLabs
2007-08-12 11:16 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-08-11 23:10 626,688 --a------ C:\WINDOWS\SYSTEM32\msvcr80.dll
2007-08-11 22:36 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-17 22:13 --------- d-------- C:\DOCUME~1\Shannon\APPLIC~1\Skype
2007-08-17 21:44 39956 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-06-26 11:13 851968 --------- C:\WINDOWS\system32\dllcache\vgx.dll
2007-06-26 10:09 658944 --------- C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-26 02:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 02:08 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-19 09:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 09:31 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-14 14:09 96256 --------- C:\WINDOWS\system32\dllcache\inseng.dll
2007-06-14 14:09 615424 --------- C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-14 14:09 55808 --------- C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-14 14:09 532480 --------- C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-14 14:09 474112 --------- C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-06-14 14:09 449024 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-14 14:09 39424 --------- C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-06-14 14:09 357888 --------- C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-06-14 14:09 3058688 --------- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-06-14 14:09 251392 --------- C:\WINDOWS\system32\dllcache\iepeers.dll
2007-06-14 14:09 205312 --------- C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-06-14 14:09 16384 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-14 14:09 151040 --------- C:\WINDOWS\system32\dllcache\cdfview.dll
2007-06-14 14:09 1494528 --------- C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-06-14 14:09 146432 --------- C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-14 14:09 1054208 --------- C:\WINDOWS\system32\dllcache\danim.dll
2007-06-14 14:09 1023488 --------- C:\WINDOWS\system32\dllcache\browseui.dll
2007-06-14 10:07 18432 --------- C:\WINDOWS\system32\dllcache\iedw.exe
2007-06-13 06:23 1033216 --a------ C:\WINDOWS\explorer.exe
2007-06-13 06:23 1033216 --------- C:\WINDOWS\system32\dllcache\explorer.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2004-04-11 21:15]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 21:29]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 15:05]
"MMTray"="C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe" [2006-01-17 16:03]
"UFD Monitor"="C:\Program Files\TwinMOS\Mobile Disk V3.0\MobMon.exe" [2002-11-28 15:41]
"UFD Utility"="C:\Program Files\TwinMOS\Mobile Disk V3.0\UsbTD.exe" [2002-12-04 11:37]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 19:18]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 13:35]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 13:32]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 13:36]
"FRISK FP-Scheduler"="C:\Program Files\FSI\F-Prot\F-Sched.exe" [2006-01-06 13:35]
"F-StopW"="C:\Program Files\FSI\F-Prot\F-StopW.EXE" [2006-01-06 13:35]
"mmtask"="C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe" [2006-01-17 16:03]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-06 13:42]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-03-04 01:47]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 18:20]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]

C:\Documents and Settings\Shannon\Start Menu\Programs\Startup\
DESKTOP.INI [2004-08-10 14:04:12]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [2004-08-10 14:04:12]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2004-10-09 15:39:22]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-03-04 01:47:40]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe [2005-11-01 01:37:18]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04]

R0 FPA_RTP;FPA_RTP;C:\WINDOWS\system32\Drivers\FSTOPW.SYS
S2 BNBMOYOC;BNBMOYOC;\??\C:\WINDOWS\system32\bnbmoyoc.itb
S3 AlcrFilt;Alcor Micro Corp;\??\C:\WINDOWS\System32\Drivers\AlcrFilt.sys
S3 CCCP106;CIF USB Camera (2110A);C:\WINDOWS\system32\DRIVERS\cccp106.sys
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\L8042mou.Sys


Contents of the 'Scheduled Tasks' folder
2007-08-11 13:32:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
2004-11-27 21:09:55 C:\WINDOWS\Tasks\ISP signup reminder 1.job - C:\WINDOWS\system32\OOBE\OOBEBALN.EXE

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-17 22:32:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-17 22:39:11

--- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:47:39 PM, on 8/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\FSI\F-Prot\fpavupdm.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\TwinMOS\Mobile Disk V3.0\MobMon.exe
C:\Program Files\TwinMOS\Mobile Disk V3.0\UsbTD.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\FSI\F-Prot\F-Sched.exe
C:\Program Files\FSI\F-Prot\F-StopW.EXE
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [UFD Monitor] C:\Program Files\TwinMOS\Mobile Disk V3.0\MobMon.exe
O4 - HKLM\..\Run: [UFD Utility] C:\Program Files\TwinMOS\Mobile Disk V3.0\UsbTD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Program Files\FSI\F-Prot\F-Sched.exe STARTUP
O4 - HKLM\..\Run: [F-StopW] C:\Program Files\FSI\F-Prot\F-StopW.EXE
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O18 - Protocol: bw+0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: F-Prot Antivirus Update Monitor - FRISK Software - C:\Program Files\FSI\F-Prot\fpavupdm.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

--
End of file - 19530 bytes

#4 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 18 August 2007 - 10:03 AM

Copy and paste the following blue text in the Quote box below into Notepad.
Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: fix.reg to your desktop.
Then double click on the fix.reg file on your desktopPosted Imageand agree to merge the imformation into the registry,then restart your pc.

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{a4029063-4fe3-422c-ac72-12905c09642a}"=-
[-HKEY_CLASSES_ROOT\CLSID\{a4029063-4fe3-422c-ac72-12905c09642a}\InProcServer32]
[-HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{a4029063-4fe3-422c-ac72-12905c09642a}\InProcServer32]

--------------------------------------------------

You have F-Stop/F-Prot and Mcafee installed.
Not a good idea to have more than one antivirus program installed on your computer.
Each program may interpret the actions of the other as viral, therefore giving you false virus warnings about virus-related activities.
It could also lead to system slowdowns and other problems within the operating system,due to the two conflicting with each other.
You should uninstall one or the other,then restart your pc.

You also have two third party firewalls installed,remove/uninstall one of them:
Sygate Personal Firewall
Zone Alarm


--------------------------------------------------

Download\install 'SuperAntiSpyware Home Edition Free Version' from here:
http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE

Launch SuperAntiSpyware and click on 'Check for updates'.
Once the updates have been installed,exit SuperAntiSpyware.

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)

Exit Hijackthis.

Start SuperAntiSpyware.
On the main screen click on 'Scan your computer'.
Check: 'Perform Complete Scan'.
Click 'Next' to start the scan.

Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
Make sure everything found has a checkmark next to it,then press 'Next'.
Click on 'Finish' when you've done.

It's possible that the program will ask you to reboot in order to delete some files.

Obtain the SuperAntiSpyware log as follows:
Click on 'Preferences'.
Click on the 'Statistics/Logs' tab.
Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
It will then open in your default text editor,such as Notepad.
Copy and paste the contents of that report into your next reply.
Also post a new Hijackthis log,let me know how your pc is running now.

Posted Image
Posted Image

#5 chippie72

chippie72
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:11 PM

Posted 18 August 2007 - 01:28 PM

Richie - things seem to be much better, faster. superantispywear detected many infected files. The logs are attached. I still get a box that pops up right when I start the computer, but it is unrelated I guess since it has been popping up since before things went bad. It reads: RUNNER ERROR. Runner file name (logitechdesktopmessenger.exe) lacks a '-' (the app ID separator). Thanks again for your help - don't know what I would have done without you!!

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/18/2007 at 02:14 PM

Application Version : 3.9.1008

Core Rules Database Version : 3289
Trace Rules Database Version: 1300

Scan type : Complete Scan
Total Scan Time : 00:32:32

Memory items scanned : 413
Memory threats detected : 0
Registry items scanned : 5759
Registry threats detected : 0
File items scanned : 34588
File threats detected : 596

Adware.Tracking Cookie
C:\Documents and Settings\Shannon\Cookies\shannon@atdmt[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adopt.euroclick[3].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adserving.autotrader[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@casalemedia[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@mediaplex[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@doubleclick[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@bluestreak[3].txt
C:\Documents and Settings\Shannon\Cookies\shannon@advertising[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@2o7[3].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.cnn[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@msnportal.112.2o7[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@questionmarket[1].txt
C:\Documents and Settings\Anton\Cookies\anton@drivecleaner[2].txt
C:\Documents and Settings\Anton\Cookies\anton@go.drivecleaner[1].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@1.adbrite[1].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@adbrite[2].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@ads.pgatour[2].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@ads.pga[2].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@atdmt[2].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@casalemedia[2].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@doubleclick[1].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@drivecleaner[2].txt
C:\Documents and Settings\Anton\Local Settings\Temp\Cookies\anton@questionmarket[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@2o7[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@2o7[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@3.adbrite[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@a.websponsors[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ad.acceleratorusa[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ad.adtegrity[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ad.interclick[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ad.thewheelof[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ad.xplusone[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adbrite[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adopt.euroclick[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.adbrite[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.as4x.tmcs.ticketmaster[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.as4x.tmcs[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.cnn[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.expedia[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.ft[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.golfsurround[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.mediamayhemcorp[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.monster[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.morpheus[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.pgatour[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.pga[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.pointroll[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.pricescan[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.shopthescene[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.topix[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.us.e-planning[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.worldgolfchampionships[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ads.worldgolf[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adserver.sassybella[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adserver2.teracent[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adserver[3].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adserving.autotrader[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adv.ecape[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adv.medscape[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@adv.webmd[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@anad.tacoda[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@analytics.clickpathmedia[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@anat.tacoda[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@apmebf[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@atdmt[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@azoogleads[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@bizrate.co[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@bluestreak[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@click2houston[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@clickbank[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@clicksector[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@clickshift[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@clicksor[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@clicktime[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@clicktracks.aristotle[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@countercentral[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@couponcodes.tripod[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@creview.adbureau[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@dealtime.co[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@doubleclick[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@drivecleaner[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wak4ghdzmgq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wak4gjajelp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wak4ooajihp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wak4wocpmgp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wakoclazwaq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wakyohcpsho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wal4endzaap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wal4wjdjmkq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6waliagdpmfp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6walicidpckq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6waligjdzcgp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6waligpajseq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6walikjd5ebo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6waliwmcjggo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6walogjc5gho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6walygidpcdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6walygodpckp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6walykocjicp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6walykodpokp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wamiagajecp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wamispdpcfp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wamyqmdzaeo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wbk4wmdzicq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wbkyalazcfq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wbkywjczokq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wbl4kgc5ceo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wbliaod5okq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wblocgc5oep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wblocpczcdp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wblounczcep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wblowhazkbp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wblycocjoeq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wckickdpakq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4apdjcfo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4clcjilq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4enazclp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4goc5olo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4oicjecp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4omcjodq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4qiczkap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4qlazwlo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4sjajago.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4sndzafo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfk4wjdpeko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkiclcjwcp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkicld5sdo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkiegdzkgq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkiejajglo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkigicjwho.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkigmajoap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkiklcjcbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkiopdjiao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkiopdjobo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkiqpazceq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkishc5gep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkisjazccq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkoaiczwlo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkoamdzsfp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkoaocjcap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkocpdjwgo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkokgazkep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkokjajicq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkoqlczego.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkoqodpccp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkoqpdzibp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkosocjcap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkouldjgap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkouod5obp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkowid5cdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkownazmeq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkyokdzsho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfkywjd5gfo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4agd5wcq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4coczmhp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4khdziho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4kjcjofo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4klcjmap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4omdzoho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4oncpwho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4opazofo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4qiajego.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfl4umdpwlp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfliaod5kbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wflicic5kap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfliemczaco.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfligicjmkp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfliogcjkfq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfliojdjaap.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfliqkcjadp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wflisicjifq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfliukd5edq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfliwmajeko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfloenczilo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wflognczkbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfloogcjekp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfloold5gko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfloqiczgbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfloqlc5map.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfloupczwho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wflyohajocq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wflyumd5sap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmialazccp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmikhajalo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmikhd5olo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmikic5kfp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmioidjchq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmishazgho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmislcpwhq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmismczwep.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmisoazedo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmiujcjoao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmiupcpmkp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmykhd5idp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmyokczeap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmyoldjggp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmyopdjceo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wfmyuhdzckp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgk4agcjagp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgk4apczmcp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgk4cpcjgeo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgk4qlajglq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgk4qnc5aep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgk4ulajgko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiaicpilq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiamdzslp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiehc5okp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiehd5maq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkieidjgeo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkieoazoap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkigiczilo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkigmczeap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkikndzscp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiqlcjghq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiqocpeco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiqoczihq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiskdjobq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiuicjebp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiujczaap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkiulajmho.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkoapazmgp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkochazolp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkoejc5whp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkogiazgeo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkogldzigp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkokid5obo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkokpcjgbp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkosldzigp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkouoajigq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkowlazobp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkowoajeap.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkyehdpaco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkygiajehq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkykodjcao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkysldjsbq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkyunc5mgp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgkyuoazcho.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgl4cmcpwcq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgl4epcjolq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgl4uoczcgq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgligpdjcdo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgliuhd5ocp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgloujd5kfo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmiegdjagp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmieocpolo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmigld5wap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmisiazabp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmisld5sep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmycmc5ceq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmycndpkao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmykidjiep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmyqmczcbq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wgmyqocjgko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whk4umajagp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whkiagajkko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whkikidzmbq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whkiolc5olp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whkoemdpmgp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whkouhczkcp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whkyaoczmdq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whkywgc5efo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whl4omdpmgo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whliejdjihp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whliqidpmbo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whlokpczadp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whloumdpilp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whlyghdzeap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whlygkazkfo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whlykid5ekp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whlyqkczmeo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whlyskdpkko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whlyukazoep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmiaidjodq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmiqpdpmeo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmiwkajgeo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmiwkczsdq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmycldzcbq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmycocpwbp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmycpdjgkp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmyejcpklo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6whmysndjigo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4aodpiap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4cgajabp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4cidjmao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4cldzmbq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4cndzwep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4epdjohq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4ggc5wgp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4ghdpskp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4gjdjsfo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4gjdzoco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4gkdjohq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4gmcjmkp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4gpc5sep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4khdzghq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4kmczccp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4ohczolo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4ojcpkbq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4ojd5clo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4okdzgcq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4opd5ceq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4qmdzwkp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4qndjmfp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4sgazskp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4sic5mdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4uid5wko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4uidzmco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4undjadq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4undpgbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4widjifq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjk4wlazwlo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoakcpkko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoaldjagq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkocgc5ggq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkocjazcap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoehajcgq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoeidzodo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoenajodp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoepazmgo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoepdjwao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkokjcpwdp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoklcpslq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkokmdpago.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkokpcjaho.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoondzsao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoooczihp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoopczodp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoqicjchp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoqicjebp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoqlc5gbq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkoqnczodo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkosicpkgo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkosndpobp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkouiajmco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkowldzago.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkowmajwco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkowndjwbp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkowodzcbq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyajajoco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyajazkcp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyalajsep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyaocjmeq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkycgajwgq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkycgdpkdq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkycidzebp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkycmc5elp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkycmcjwdp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkycmcpebp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkycocpkcp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyemajeep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyenczwhp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyggdzobp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkygiazkeq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkykgczodq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkykoc5wao.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyogdzkdp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyojazgbp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyokajglo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyomdjghq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyonc5wbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyoncjclq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyqpazafp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkysidjscq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyslajwlp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyulcpakp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyuldjskp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkyumazakp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjkywldpgfp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4apczafo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4kjdpckp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4kkc5elo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4sgdpofp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4sic5efq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4umdjeho.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4uoczibp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4whcjieo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4wiczckp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjl4widpwco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliahdzgfo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliajczolp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliakazgdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliancpibp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlichdjedp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliclajcep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliegdjkeq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlieidpwbp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliekdjcgo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliencpsko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlienczafo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlighajkap.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjligjd5wbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlikmczckq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlikmd5mko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlikndzgco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliqpazocp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlisgcpoeq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlisoajmho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlisocjibp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlisocpklp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliugdjedq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliuidpchq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjliwldjmeo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloalcjggp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloandzmcp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloaoc5ocq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloapazmao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlocgdjsep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlocjc5gko.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlockdpwfq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloejazgho.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloemdpabp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlokidpohq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloojc5ibo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloqic5wdp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloqpd5sdq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlosgazcao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloskdpelo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjloslazmgp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlouocpaap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlowgcpwco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyaidpalo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyalcjcfq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyamdpoep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyclazmhp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyegdzwhp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyeicjwcq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyelczaao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlygpazskp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlykgcjgco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlykocjohq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyogd5mdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyoidjgdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyoidpwbp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyqidpwlo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyqjd5ccp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlyqmazkcp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlysgczmfp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlysjazskp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjlysnd5mgo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmichcjadp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmicmajkhq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmicpcjkep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmiklcjccq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmiopd5ekp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmisid5ghq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmiskczwgo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmisncjodq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmiwnczaap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmyaic5ekp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmyamc5wdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmyancjafq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmyapc5ido.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmyapc5keq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmyehdpkcp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmyeocpoap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmyopajolo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjmywnc5ico.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1gcpob.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1iczak.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1idzca.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1jajcb.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1jc5ed.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1kdpoc.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1lcjke.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1mazwk.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1ndpob.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1pcjwa.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1pdjcg.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjny-1sdjoc.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyagd5kep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyalcjaho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyalcpohp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyalcpsho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyamdpokp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyancpmcp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyaoc5igo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyaocjwaq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyaodpoaq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyapc5gdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyapd5eeq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnychazslq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnycjc5ako.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyclajekp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyclcjkep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnycmdjafp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnycpdzkdo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyehc5mdp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyeiczkeo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyeidjago.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyekdzeco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyelczmhp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyeldzibp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyemcjsep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyemczehp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyggajslq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyggcpeco.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnygmajgbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnygncjsfo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnygpc5keo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyogd5kgo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyogdjodq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyohd5alp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyohd5iap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyohdpggq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyoldpmbo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyomcpkcq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqgcpmeo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqhd5ilo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqicjgbq.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqldpggp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqmdzibo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqncpeep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqocjogo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqoczakq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqodjgep.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqpdpiap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyqpdpibo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyshdzcbo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnysiajmco.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnysiczkap.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnysid5sdo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnysidzwgo.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnysjc5shp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnysmcpwho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnysmdjoao.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnysnajwbp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyujczabo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyujdzmfo.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyulazehp.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnyumdpkap.stats.esomniture[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnywgdpwfq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnywlcpwgq.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnywndpkhp.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@e-2dj6wjnywoc5mho.stats.esomniture[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@easy-hit-counters[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@eclicknetwork[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@ehg-optionsxpress.hitbox[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@findwhat[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@go.drivecleaner[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@go.winantivirus[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@hollywoodteenmovies.freestats[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@icc.intellisrv[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@indexstats[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@interclick[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@kanoodle[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@media3.sitebrand[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@media6.sitebrand[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@medianewsgroup[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@members.tripod[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@partner2profit[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@pointroll[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@popundersupply[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@primedia.us.intellitxt[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@psocci.freestats[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@qnsr[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@questionmarket[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@refinish-antiques.tripod[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@reztrack[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@rfis1.tripod[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@rmbclick[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@s.clickability[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@secretsexguide[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@specificclick[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@Stats[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@tacoda[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@thinkmedia[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@toutmedia[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@track.bestbuy[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@track.engineworks[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@track.searchignite[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@track.websitetrafficreport[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@tracker.espsoftware[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@tracker.myspacemaps[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@tracking.foxnews[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@tracking.homeportfolio[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@track[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@tremor.adbureau[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@tripod[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@valueclick[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@vhost.oddcast[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@weborama[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@winantivirus[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@www.click2houston[1].txt
C:\Documents and Settings\Shannon\Cookies\shannon@www.eliteatlanta[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@www.eztrackz[2].txt
C:\Documents and Settings\Shannon\Cookies\shannon@www.mediabakery[1].txt

Trojan.Unknown Origin
C:\DOCUMENTS AND SETTINGS\ANTON\LOCAL SETTINGS\TEMP\LAF4.EXE

Trojan.Media-Codec/V3
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP845\A0087342.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP845\A0087990.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP845\A0088008.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP846\A0088209.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP846\A0089006.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP847\A0089059.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP847\A0089068.EXE

Malware.VirusProtectPro
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP845\A0087968.EXE

Trojan.Smitfraud Variant
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP852\A0091596.DLL




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:26:45 PM, on 8/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\TwinMOS\Mobile Disk V3.0\MobMon.exe
C:\Program Files\TwinMOS\Mobile Disk V3.0\UsbTD.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [UFD Monitor] C:\Program Files\TwinMOS\Mobile Disk V3.0\MobMon.exe
O4 - HKLM\..\Run: [UFD Utility] C:\Program Files\TwinMOS\Mobile Disk V3.0\UsbTD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O18 - Protocol: bw+0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {59ABAC97-F60B-4540-A32C-5638BB95CD96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

--
End of file - 18756 bytes

#6 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 18 August 2007 - 02:02 PM

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

Other than the above your log is clean,hows your pc running now.
Posted Image
Posted Image

#7 chippie72

chippie72
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:11 PM

Posted 18 August 2007 - 02:38 PM

Richie - All looks fine. The computer is running faster and everything seems normal. You have been great - I really appreciate all your help.

#8 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 18 August 2007 - 04:52 PM

Your log is clean :thumbsup:
If all's ok,please do the following.

Find and delete:
SmitfraudFix.exe
fix.reg
Combofix.exe

C:\rapport.txt
C:\Qoobox

Download ATF Cleaner by Atribune:
http://www.atribune.org/ccount/click.php?id=1

Double-click ATF-Cleaner.exe to run the program.
Click 'Select All' found at the bottom of the list.
Click the 'Empty Selected' button.

If you use Firefox browser, do this also:
Click Firefox at the top and choose 'Select All' from the list.
Click the 'Empty Selected' button.
NOTE:
If you would like to keep your saved passwords,please click 'No' at the prompt.

If you use Opera browser,do this also:
Click Opera at the top and choose 'Select All' from the list.
Click the 'Empty Selected' button.
NOTE:
If you would like to keep your saved passwords,please click 'No' at the prompt.

Click 'Exit' on the Main menu to close the program.

--------------------------------------------------

Click on Start/All Programs/Accessories/System Tools/System Restore.
In the 'System Restore' window,click on the 'Create a Restore Point' button,then click 'Next'.
In the window that appears,enter a description\name for the Restore Point,then click on 'Create',wait,then click 'Close'.
The date and time will be created automatically.

Next click on Start/All Programs/Accessories/System Tools/Disk Cleanup.
The 'Select Drive' box will appear,click on Ok.
The 'Disk Cleanup for [C:]' box will appear,click on the 'More Options' tab.
At the bottom in the 'System Restore' window,click on the 'Clean up...' button.
A box will pop up 'Are you sure you want to delete all but the most recent restore point?',click on 'Yes'.
Click on 'Yes' at 'Are you sure you want to perform these actions?'.
Now wait until 'Disk Cleanup' finishes and the box disappears.

Read through the information found here,to help you prevent any possible future infections.
'How to prevent Malware' by miekiemoes:
http://users.telenet.be/bluepatchy/miekiem...prevention.html
Posted Image
Posted Image

#9 chippie72

chippie72
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:11 PM

Posted 18 August 2007 - 08:20 PM

did it all - thank you again :thumbsup:

#10 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 18 August 2007 - 08:47 PM

You're welcome :thumbsup:

This thread will now be closed.
If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you.
Include the address of this thread in your request.
If you should have a new issue, please start a new topic.
This applies only to the original topic starter.
Everyone else please begin a New Topic.
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users