1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Yuppers w32.Myzor.FK@yf Infected me also

Discussion in 'Windows - Virus and spyware problems' started by JaiQwan, Oct 7, 2006.

  1. JaiQwan

    JaiQwan Guest

    Hello all, after doing some searching on this Frelled up infection here, I came across this lovely forum, but im not sure if i need to follow the same steps as others on here. I would greatly appreciate any help I can get with this issue.

    thanks much
    Dre

    Okay below is the log file I got from SmitfraudFix, I also downloaded avgas-setup-7.5.0.47 from this web site link http://www.ewido.net/en/download/. I have not installed it yet, Im not sure if I will need to, but I got it just incase. And I also downloaded KillBox just incase.

    SmitFraudFix v2.105

    Scan done at 17:01:29.89, Sat 10/07/2006
    Run from C:\Documents and Settings\Patty\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix run in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    C:\WINDOWS\system32\httge.dll FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Patty


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Patty\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu

    C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url FOUND !
    C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Patty\FAVORI~1


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop

    C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url FOUND !
    C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    C:\Program Files\VirusBurster\ FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{7be183d2-a42d-4915-bf60-ec86fbf002cf}"="horologium"

    [HKEY_CLASSES_ROOT\CLSID\{7be183d2-a42d-4915-bf60-ec86fbf002cf}\InProcServer32]
    @="C:\WINDOWS\system32\httge.dll"

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7be183d2-a42d-4915-bf60-ec86fbf002cf}\InProcServer32]
    @="C:\WINDOWS\system32\httge.dll"



    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="4APPINITSOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\WindowsAppInit_DLLs,wbsys.dll"


    »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


    »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


    »»»»»»»»»»»»»»»»»»»»»»»» End
     
    JaiQwan, Oct 7, 2006
    #1
  2. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Hello JaiQwan, welcome to Afterdawn! Hopefully, we won't need KillBox, but I like the thinking ahead. Saves us some time. :)

    First download HijackThis.
    Create a folder in C: for it.
    Extract the file to the new folder.
    Do not run it until after cleaning.

    Install and update AVG Anti-spyware.
    Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)

    * Double-click smitfraudfix.cmd
    * Select 2 and hit Enter to delete infect files.
    * You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
    * The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
    * A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt.

    In safe mode run a complete system scan with AVG AS. When it finishes, set all items to "quarantine" then click "Apply all actions".
    Click "Save report" and save it to the desktop.

    Restart in normal mode and open HijackThis.exe.
    Click "Do a system scan and save a log file".

    Post the contents of rapport.txt, the AVG report and the HijackThis log.
     
    Niobis, Oct 7, 2006
    #2
  3. JaiQwan

    JaiQwan Guest

    Niobis Hello and thank you for your quick reply.
    Okay here we go, a day later but nonethe less here we go, I was getting tired yesterday and needed to get some sleep, seeing as I had to be in work for 2300 last night, But I did finish everything and hope it all looks good, and I must say that my system seems to be running much better so far.

    And now for the Drummer Roll,,,,,,,,,,,,,
    Also I have Hijackthis open still.

    SmitFraudFix v2.105

    Scan done at 18:22:11.79, Sat 10/07/2006
    Run from C:\Documents and Settings\Patty\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix run in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{7be183d2-a42d-4915-bf60-ec86fbf002cf}"="horologium"

    [HKEY_CLASSES_ROOT\CLSID\{7be183d2-a42d-4915-bf60-ec86fbf002cf}\InProcServer32]
    @="C:\WINDOWS\system32\httge.dll"

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7be183d2-a42d-4915-bf60-ec86fbf002cf}\InProcServer32]
    @="C:\WINDOWS\system32\httge.dll"


    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    C:\WINDOWS\system32\httge.dll -> Hoax.Win32.Renos.gen.e
    C:\WINDOWS\system32\httge.dll -> Deleted


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url Deleted
    C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url Deleted
    C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
    C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted
    C:\Program Files\VirusBurster\ Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 10:57:51 AM 10/8/2006

    + Scan result:



    C:\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll -> Adware.Comet : Cleaned with backup (quarantined).
    HKU\S-1-5-21-117609710-1960408961-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} -> Adware.Generic : Cleaned with backup (quarantined).
    HKU\S-1-5-21-117609710-1960408961-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Cleaned with backup (quarantined).
    C:\Program Files\iWon\iWonBar\6.bin\IWONBAR.DLL -> Adware.IWon : Cleaned with backup (quarantined).
    D:\New Briefcase\My Downloads\iwon\iWonPMSetup_12_1,0,2,5.exe -> Adware.IWon : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ScreensaversInstaller.Installer -> Adware.Screensavers : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ScreensaversInstaller.Installer.1 -> Adware.Screensavers : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ScreensaversInstaller.Installer\CLSID -> Adware.Screensavers : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ScreensaversInstaller.Installer\CurVer -> Adware.Screensavers : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ScreensaversInstaller.Sinstaller -> Adware.Screensavers : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ScreensaversInstaller.Sinstaller.1 -> Adware.Screensavers : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ScreensaversInstaller.Sinstaller\CLSID -> Adware.Screensavers : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ScreensaversInstaller.Sinstaller\CurVer -> Adware.Screensavers : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ScreensaversInstaller -> Adware.Screensavers : Cleaned with backup (quarantined).
    D:\New Briefcase\My Downloads\Games\Hitman\Hitman2SilentAssassinSetup-dm.exe -> Adware.Trymedia : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240771.dll -> Downloader.Agent.ayq : Cleaned with backup (quarantined).
    C:\Documents and Settings\Andre\AOW_DEMO_EURO\actofwar.exe -> Heuristic.Win32.Backdoor.IrcBot : Cleaned with backup (quarantined).
    D:\Demo Games\Act Of War\AOW_DEMO_EURO\actofwar.exe -> Heuristic.Win32.Backdoor.IrcBot : Cleaned with backup (quarantined).
    C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup (quarantined).
    C:\Documents and Settings\Patty\Cookies\patty@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.20:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.24:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.25:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.26:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.27:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.28:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.29:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.30:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.31:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.32:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@educationsuccess.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@onlythebest.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@aia.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@buildabear.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@chicagosuntimes.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@logodesignpros.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@pch.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@usatoday1.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@buildabear.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ford.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@giftscom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@journalregistercompany.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@dssatlascreditgroup.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@getmusicfree.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@grouplotto.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@usap.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@admarketplace[2].txt -> TrackingCookie.Admarketplace : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@admarketplace[2].txt -> TrackingCookie.Admarketplace : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.55:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
    :mozilla.56:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.81:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.82:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.83:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@adviva[2].txt -> TrackingCookie.Adviva : Cleaned.
    :mozilla.139:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.15:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.95:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@bfast[1].txt -> TrackingCookie.Bfast : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@bfast[1].txt -> TrackingCookie.Bfast : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ads12.bpath[1].txt -> TrackingCookie.Bpath : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Cleaned.
    :mozilla.42:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies-1.txt -> TrackingCookie.Burstbeacon : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@cz5.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@cz5.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@com[1].txt -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@com[1].txt -> TrackingCookie.Com : Cleaned.
    :mozilla.154:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@twci.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@test.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@twci.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@www.directnetadvertising[1].txt -> TrackingCookie.Directnetadvertising : Cleaned.
    :mozilla.16:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.18:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.79:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@e-2dj6wfk4qjd5seo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@e-2dj6wjl4qkazmko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@e-2dj6wjloepc5obp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@e-2dj6wfkyohdzmaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@e-2dj6wfloujczicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@e-2dj6wjk4wncjwko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@e-2dj6wjl4widzodo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@e-2dj6wjlygjazseo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@e-2dj6wjlyqgd5afq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.155:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Gamershell : Cleaned.
    :mozilla.156:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Gamershell : Cleaned.
    :mozilla.38:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.40:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.105:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.123:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.59:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.60:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.85:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ehg-aha.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ehg-gamespot.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ehg-globalgamingleague.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ehg-hollywood.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ehg-newegg.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ehg-newscientist.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-chrysler.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-corusentertainment.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-foxmovies.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-hasbro.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-leapfrog.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-legacy.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-legonewyorkinc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-lowermybills.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-melbourneit.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-sonycomputer.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-sonymusic.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg-ushumanesociety.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@hg1.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ehg-adteractive.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ehg-clearchannel.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ehg-etoys.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ehg-mobizzo.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ehg-nestleusainc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ehg-pennwell.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@hg1.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter2.hitslink[1].txt -> TrackingCookie.Hitslink : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@counter.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@counter2.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
    :mozilla.19:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.20:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.10:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.11:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.52:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.53:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.8:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@data1.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@overture[2].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@data1.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@data2.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@overture[2].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@overture[2].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@paycounter[1].txt -> TrackingCookie.Paycounter : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@paycounter[1].txt -> TrackingCookie.Paycounter : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.21:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
    :mozilla.22:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@web4.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@sexlist[2].txt -> TrackingCookie.Sexlist : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter10.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter11.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter12.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter2.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter3.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter4.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@counter7.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@counter12.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@counter2.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@counter4.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@counter9.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@spylog[2].txt -> TrackingCookie.Spylog : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@spylog[1].txt -> TrackingCookie.Spylog : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@h.starware[2].txt -> TrackingCookie.Starware : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@try.starware[1].txt -> TrackingCookie.Starware : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@www.starware[1].txt -> TrackingCookie.Starware : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@h.starware[2].txt -> TrackingCookie.Starware : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@try.starware[1].txt -> TrackingCookie.Starware : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@www.starware[1].txt -> TrackingCookie.Starware : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@focusin.ads.targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.12:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.13:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.14:C:\Documents and Settings\Patty\Application Data\Mozilla\Firefox\Profiles\isst7tc5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.54:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@a.tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@vegasred[1].txt -> TrackingCookie.Vegasred : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@www.vegasred[1].txt -> TrackingCookie.Vegasred : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned.
    :mozilla.36:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.37:C:\Documents and Settings\Andre\Application Data\Mozilla\Firefox\Profiles\hzzmkk3o.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@xxxcounter[2].txt -> TrackingCookie.Xxxcounter : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\Andre\Cookies\andre@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
    C:\Documents and Settings\Angie n Sammie\Cookies\angie n sammie@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
    C:\Documents and Settings\Patty\Cookies\patty@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240785.dll -> Worm.Bagle.fd : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240792.exe -> Worm.Bagle.fe : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240793.exe -> Worm.Bagle.fe : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240794.exe -> Worm.Bagle.fe : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240795.exe -> Worm.Bagle.fe : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240796.exe -> Worm.Bagle.fe : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240797.exe -> Worm.Bagle.fe : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240798.exe -> Worm.Bagle.fe : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240776.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240777.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240778.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240779.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240780.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240781.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240782.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240783.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{45339580-F825-4A70-BB2A-DAD917310C9F}\RP534\A0240784.exe -> Worm.Bagle.ff : Cleaned with backup (quarantined).


    ::Report end

    Logfile of HijackThis v1.99.1
    Scan saved at 11:04:42 AM, on 10/8/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe
    C:\Program Files\ASUS\Ai Booster\OverClk.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Logitech\G-series Software\LGDCore.exe
    C:\Program Files\Logitech\G-series Software\LCDMon.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Hijackthis\HijackThis_v1.99.1.exe
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\WINDOWS\system32\MsiExec.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: iWon Co-Pilot BHO - {C298FB42-E3E2-11D3-ADCD-0050DAC24E8F} - C:\Program Files\iWon\iWonBar\6.bin\IWONBAR.DLL (file missing)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O3 - Toolbar: i&Won Co-Pilot - {CA0B9B71-C2AF-11D3-B376-0800460222F0} - C:\Program Files\iWon\iWonBar\6.bin\IWONBAR.DLL (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\Asus\Asus Probe\AsusProb.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [RivaTuner] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /T
    O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\Ai Booster\OverClk.exe"
    O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
    O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
    O4 - Startup: BJ Status Monitor Canon MP760 Series Printer.lnk = C:\Documents and Settings\Patty\cnmss Canon MP760 Series Printer (Local).exe
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYYYUS
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
    O16 - DPF: {4EE301F2-2A6A-4BE0-9FBD-97CDAA40E3E4} - http://i1img.com/images/nocache/copilot/i1initialsetup1.0.0.5.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1116848227076
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145031782109
    O16 - DPF: {82202BE7-C56A-487E-9E55-D84BDC1A5776} - http://install.anark.com/client/version1/windows-ie/en/AMClient.cab
    O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://cdn.messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.7) - http://gameadvisor.futuremark.com/global/msc37.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup/downloader_t2/imloader.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15021/CTPID.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: 4APPINITSOFTWARE\Microsoft\Windows NT\CurrentVersion\WindowsAppInit_DLLs,wbsys.dll
    O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\wbsrv.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
     
    JaiQwan, Oct 8, 2006
    #3
  4. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Turn off System Restore.
    Right click My Computer > Properties > Sysytem Restore tab > check "Turn off System Restore".
    Click OK.

    Run a scan only with HijackThis, check these(if there):

    [bold]R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)

    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

    O2 - BHO: iWon Co-Pilot BHO - {C298FB42-E3E2-11D3-ADCD-0050DAC24E8F} - C:\Program Files\iWon\iWonBar\6.bin\IWONBAR.DLL (file missing)

    O3 - Toolbar: i&Won Co-Pilot - {CA0B9B71-C2AF-11D3-B376-0800460222F0} - C:\Program Files\iWon\iWonBar\6.bin\IWONBAR.DLL (file missing)

    O3 - Toolbar: i&Won Co-Pilot - {CA0B9B71-C2AF-11D3-B376-0800460222F0} - C:\Program Files\iWon\iWonBar\6.bin\IWONBAR.DLL (file missing)

    O16 - DPF: {4EE301F2-2A6A-4BE0-9FBD-97CDAA40E3E4} - http://i1img.com/images/nocache/copilot/i1initialsetup1.0.0.5.cab [/bold]

    Close all windows except HijackThis then click "Fix checked"
    Close HijackThis.

    Go here and download [bold]CCleaner[/bold].

    [bold]Note[/bold]: If you do not want Yahoo! Toolbar uncheck the option when installing.

    Close all windows.
    Open CCleaner.
    Click "Run Cleaner".

    Java is out of date.
    Go here and download [bold]Java Runtime Environment 5.0 Update 9[/bold].
    Uninstall all previous versions of JRE via Add/Remove Programs.
    Restart and install Update 9.

    How are things?
     
    Niobis, Oct 8, 2006
    #4
  5. JaiQwan

    JaiQwan Guest

    Excuse the delayed reply, I must have slept closae to 12 hrs after I got home yesterday, but its all done.

    I did as you stated in your last reply, and all is working very good, Thank you Much for your help, If you need me to post any of the reports just let me know okay.

    Thank again Niobis.

    Dre
     
    JaiQwan, Oct 9, 2006
    #5
  6. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Glad to hear that and you're welcome.

    Good luck! :)
     
    Niobis, Oct 9, 2006
    #6

Share This Page