I am pulling my hair out trying to get this. I work from home and can't work! I'm getting pop-ups, malware alarms and stuff... I've scanned and removed with all types of scanners, but as soon as I get back on the internet it's all back again.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:58:45 AM, on 5/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\XV5IDTUJ\HiJackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {12465D45-0AF5-4144-813E-31C1717A3E6D} - C:\WINDOWS\system32\awttttSk.dll (file missing)
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: (no name) - {54CC9E4F-8C8D-4D84-8095-ADF3DF499FFF} - C:\WINDOWS\system32\fccBUOEV.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: {ca6b7795-81d9-a119-e474-5e19c1afbbb6} - {6bbbfa1c-91e5-474e-911a-9d185977b6ac} - C:\WINDOWS\system32\rlposcxm.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {89BB8E18-EDDA-437E-B3DB-9EA980E07966} - C:\WINDOWS\system32\xxywwvvt.dll
O2 - BHO: (no name) - {8FA43625-2881-4C5C-A366-93468DBF20E6} - C:\WINDOWS\system32\wvUkjJDU.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8} - C:\WINDOWS\system32\vtUkHaXP.dll
O2 - BHO: (no name) - {CFCFDA08-88EA-425D-AA70-0E7898F9C1C2} - C:\WINDOWS\system32\urqQiFUk.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BMc3c7b3ea] Rundll32.exe "C:\WINDOWS\system32\kreoluea.dll",s
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.west.com
O15 - Trusted Zone: *.workathomeagent.com
O15 - Trusted Zone: *.workathomeagent.net
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {BE7DBB5F-6377-405E-9040-F8C95C6997B6} (ShowSetupObj6 Class) - https://invite.mshow.com/(chq4td55vhspks55uijha545)/ShowSetup6.cab
O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} (RockYou Image Uploader Control) - http://www.rockyou.com/RockYouImageUploader.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://westat.webex.com/client/T26L/webex/ieatgpc.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livenj02.custhelp.com/8102-b424h/rnl/java/RntX.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5292/mcfscan.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: vtUkHaXP - C:\WINDOWS\SYSTEM32\vtUkHaXP.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
-- End of file - 10663 bytes
ComboFix 08-05-12.1 - Owner 2008-05-14 10:30:25.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.104 [GMT -4:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\afqsslxq.ini
C:\WINDOWS\system32\dyriunpr.dll
C:\WINDOWS\system32\fclaxkmv.ini
C:\WINDOWS\system32\feeogkbp.ini
C:\WINDOWS\system32\foqrrblj.ini
C:\WINDOWS\system32\gtxsbbft.dll
C:\WINDOWS\system32\jsuqocfk.ini
C:\WINDOWS\system32\kUFiQqru.ini
C:\WINDOWS\system32\kUFiQqru.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\pbkgoeef.dll
C:\WINDOWS\system32\rpnuiryd.ini
C:\WINDOWS\system32\taxbxdie.ini
C:\WINDOWS\system32\uvEMVyay.ini
C:\WINDOWS\system32\uvEMVyay.ini2
C:\WINDOWS\system32\VEOUBccf.ini
C:\WINDOWS\system32\VEOUBccf.ini2
C:\WINDOWS\system32\XadggMoq.ini
C:\WINDOWS\system32\XadggMoq.ini2
C:\WINDOWS\system32\xoemqtwy.ini

.
((((((((((((((((((((((((( Files Created from 2008-04-14 to 2008-05-14 )))))))))))))))))))))))))))))))
.

2008-05-14 09:54 . 2008-05-14 09:54 <DIR> d-------- C:\Program Files\CCleaner
2008-05-14 09:50 . 2008-05-14 09:50 2,112 --a------ C:\WINDOWS\system32\cwusdymu.exe
2008-05-14 09:43 . 2008-05-14 09:43 90,288 --a------ C:\WINDOWS\system32\kreoluea.dll
2008-05-14 00:37 . 2008-05-14 00:37 2,112 --a------ C:\WINDOWS\system32\fyxktxoo.exe
2008-05-14 00:31 . 2008-05-14 00:31 99,008 --a------ C:\WINDOWS\system32\bftmkrom.dll
2008-05-14 00:25 . 2008-05-14 00:25 90,304 --a------ C:\WINDOWS\system32\hqqhhayb.dll
2008-05-13 23:43 . 2008-05-13 23:43 106 --a------ C:\delete.bat
2008-05-13 23:37 . 2008-05-13 23:37 <DIR> d-------- C:\Program Files\PCPitstop
2008-05-13 22:55 . 2008-05-13 22:55 2,112 --a------ C:\WINDOWS\system32\bdggubvk.exe
2008-05-13 22:49 . 2008-05-13 22:49 99,008 --a------ C:\WINDOWS\system32\jjjioqvu.dll
2008-05-13 21:54 . 2008-05-13 21:54 2,112 --a------ C:\WINDOWS\system32\xrkysoys.exe
2008-05-13 21:46 . 2008-05-13 21:46 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-13 21:43 . 2008-05-13 21:43 90,304 --a------ C:\WINDOWS\system32\xdylqjmm.dll
2008-05-13 21:35 . 2008-05-13 21:35 90,304 --a------ C:\WINDOWS\system32\deyjclnw.dll
2008-05-13 20:14 . 2008-05-13 20:14 99,008 --a------ C:\WINDOWS\system32\hfyasgse.dll
2008-05-13 20:11 . 2008-05-13 20:11 2,112 --a------ C:\WINDOWS\system32\ecuibspc.exe
2008-05-13 19:59 . 2008-05-13 19:59 90,304 --a------ C:\WINDOWS\system32\gwyfqetm.dll
2008-05-13 18:54 . 2008-05-14 10:37 4,914 --a------ C:\WINDOWS\system32\Config.MPF
2008-05-13 18:48 . 2006-03-03 11:07 143,360 --a------ C:\WINDOWS\system32\dunzip32.dll
2008-05-13 18:45 . 2007-06-25 10:57 37,480 --a------ C:\WINDOWS\system32\drivers\mfesmfk.sys
2008-05-13 18:45 . 2007-06-25 10:57 34,184 --a------ C:\WINDOWS\system32\drivers\mfebopk.sys
2008-05-13 18:45 . 2007-06-25 10:57 32,008 --a------ C:\WINDOWS\system32\drivers\mferkdk.sys
2008-05-13 18:44 . 2008-02-06 09:51 171,400 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys
2008-05-13 18:44 . 2007-03-02 14:16 109,608 --a------ C:\WINDOWS\system32\drivers\Mpfp.sys
2008-05-13 18:44 . 2007-06-25 14:54 71,496 --a------ C:\WINDOWS\system32\drivers\mfeavfk.sys
2008-05-13 17:08 . 2008-05-13 17:08 99,008 --a------ C:\WINDOWS\system32\ifkvffha.dll
2008-05-13 17:08 . 2008-05-13 17:08 2,112 --a------ C:\WINDOWS\system32\myrixdoi.exe
2008-05-13 17:07 . 2008-05-13 17:07 90,304 --a------ C:\WINDOWS\system32\aaygikgg.dll
2008-05-13 16:41 . 2008-05-13 16:41 <DIR> d-------- C:\Deckard
2008-05-13 16:34 . 2008-05-13 16:34 99,008 --a------ C:\WINDOWS\system32\jdmjylso.dll
2008-05-13 16:32 . 2008-05-13 16:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-13 16:31 . 2008-05-13 16:31 2,112 --a------ C:\WINDOWS\system32\bufrpgkb.exe
2008-05-13 16:29 . 2008-05-13 16:29 90,304 --a------ C:\WINDOWS\system32\lokyrjci.dll
2008-05-13 12:56 . 2008-05-13 12:56 2,112 --a------ C:\WINDOWS\system32\rnitoxhy.exe
2008-05-13 12:50 . 2008-05-13 16:24 414 ---hs---- C:\WINDOWS\system32\kegnneaf.ini
2008-05-13 12:48 . 2008-05-13 12:48 99,008 --a------ C:\WINDOWS\system32\tyer!!!t.dll
2008-05-13 12:48 . 2008-05-13 12:48 90,304 --a------ C:\WINDOWS\system32\flruqonk.dll
2008-05-13 11:57 . 2008-05-13 11:57 2,112 --a------ C:\WINDOWS\system32\vedwwkmg.exe
2008-05-13 11:51 . 2008-05-13 11:51 98,928 --a------ C:\WINDOWS\system32\yxidrgwe.dll
2008-05-12 11:26 . 2008-05-12 11:34 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-12 11:26 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-12 11:26 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-12 09:43 . 2008-05-12 11:36 83,008 --------- C:\WINDOWS\system32\fdcewtcs.dll
2008-05-12 09:32 . 2008-05-12 09:32 98,896 --a------ C:\WINDOWS\system32\wplpmulj.dll
2008-05-12 09:30 . 2008-05-12 11:36 90,176 --------- C:\WINDOWS\system32\bwecnwoh.dll
2008-05-12 09:07 . 2008-05-12 09:07 98,896 --a------ C:\WINDOWS\system32\dgiveuox.dll
2008-05-12 09:05 . 2008-05-12 09:05 90,176 --a------ C:\WINDOWS\system32\iwwuahnm.dll
2008-05-12 08:08 . 2008-05-12 08:08 98,896 --a------ C:\WINDOWS\system32\rwppbove.dll
2008-05-12 08:04 . 2008-05-12 08:04 90,176 --a------ C:\WINDOWS\system32\yvrgnyot.dll
2008-05-12 00:19 . 2008-05-12 00:19 98,912 --a------ C:\WINDOWS\system32\kdvenepd.dll
2008-05-12 00:16 . 2008-05-12 00:16 90,208 --a------ C:\WINDOWS\system32\hryygbke.dll
2008-05-11 23:00 . 2008-05-11 23:00 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-05-11 23:00 . 2008-05-11 23:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-11 22:38 . 2008-05-11 22:38 98,912 --a------ C:\WINDOWS\system32\myiughqo.dll
2008-05-11 22:35 . 2008-05-11 23:07 83,024 --------- C:\WINDOWS\system32\fhdtttmn.dll
2008-05-11 22:29 . 2008-05-11 23:07 90,208 --------- C:\WINDOWS\system32\injbqjda.dll
2008-05-11 21:33 . 2008-05-11 21:33 98,912 --a------ C:\WINDOWS\system32\oalglrwc.dll
2008-05-11 21:33 . 2008-05-11 21:33 90,208 --a------ C:\WINDOWS\system32\lllukvwi.dll
2008-05-11 18:40 . 2008-05-11 18:40 98,912 --a------ C:\WINDOWS\system32\lxkyvuln.dll
2008-05-11 18:28 . 2008-05-11 18:28 90,208 --a------ C:\WINDOWS\system32\vhcwlsff.dll
2008-05-11 17:30 . 2008-05-11 17:30 90,208 --a------ C:\WINDOWS\system32\fcikvjjc.dll
2008-05-11 15:21 . 2008-05-13 18:43 <DIR> d-------- C:\Program Files\McAfee.com
2008-05-11 15:20 . 2008-05-13 18:48 <DIR> d-------- C:\Program Files\Common Files\McAfee
2008-05-11 15:19 . 2008-05-13 21:03 <DIR> d-------- C:\Program Files\McAfee
2008-05-11 10:31 . 2008-05-11 21:33 <DIR> d-------- C:\Program Files\Panda Security
2008-05-11 10:00 . 2008-05-11 10:00 98,912 --a------ C:\WINDOWS\system32\pnslejwc.dll
2008-05-11 10:00 . 2008-05-11 10:00 90,208 --a------ C:\WINDOWS\system32\jxeddobb.dll
2008-05-11 09:32 . 2008-05-11 09:32 98,912 --a------ C:\WINDOWS\system32\fvvkipyf.dll
2008-05-11 09:25 . 2008-05-11 09:25 90,208 --a------ C:\WINDOWS\system32\jtyhnxch.dll
2008-05-11 09:19 . 2008-05-11 09:26 354 ---hs---- C:\WINDOWS\system32\uaxuggqw.ini
2008-05-10 22:42 . 2008-05-10 22:42 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-10 21:45 . 2008-05-10 21:45 1,433,272 --a------ C:\SDFix.exe
2008-05-10 21:45 . 2008-05-10 21:45 98,896 --a------ C:\WINDOWS\system32\qahymgqs.dll
2008-05-10 21:45 . 2008-05-10 21:45 90,304 --a------ C:\WINDOWS\system32\wjchtwxh.dll
2008-05-10 21:41 . 2008-05-10 21:41 98,896 --a------ C:\WINDOWS\system32\wisoupwu.dll
2008-05-10 21:40 . 2008-05-10 21:40 90,304 --a------ C:\WINDOWS\system32\kkvyuclg.dll
2008-05-10 19:05 . 2008-05-10 19:05 98,896 --a------ C:\WINDOWS\system32\ylasnmap.dll
2008-05-10 19:02 . 2008-05-10 19:02 90,304 --a------ C:\WINDOWS\system32\euyyckih.dll
2008-05-10 10:12 . 2008-05-10 10:12 98,896 --a------ C:\WINDOWS\system32\femynbjq.dll
2008-05-10 10:11 . 2008-05-14 10:41 109,845 --a------ C:\WINDOWS\BMc3c7b3ea.xml
2008-05-10 10:11 . 2008-05-10 10:11 90,304 --a------ C:\WINDOWS\system32\beesaiaq.dll
2008-05-10 09:53 . 2008-05-10 09:53 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Yahoo!
2008-05-10 09:53 . 2008-05-10 09:53 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\COMCASTTOOLBAR
2008-05-10 09:52 . 2008-05-10 09:52 25,728 --a------ C:\WINDOWS\system32\vtUkHaXP.dll
2008-05-10 09:52 . 2008-05-10 09:52 25,600 --a------ C:\WINDOWS\b2new.exe
2008-05-07 13:41 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-05-07 13:41 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-05-07 13:05 . 2008-05-07 13:05 <DIR> d-------- C:\VundoFix Backups
2008-05-07 10:00 . 2008-05-07 10:42 <DIR> d-------- C:\Program Files\CA Yahoo! Anti-Spy
2008-04-28 19:37 . 2008-04-28 19:37 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-04-23 11:29 . 2006-07-13 13:15 73,728 --a------ C:\WINDOWS\system32\lxczpwr.dll
2008-04-23 11:29 . 2006-07-13 13:28 69,632 --a------ C:\WINDOWS\system32\LXCZCU.DLL
2008-04-23 11:29 . 2002-11-13 15:40 40,960 --a------ C:\WINDOWS\system32\lxczvs.dll
2008-04-23 11:28 . 2008-04-23 11:28 <DIR> d-------- C:\Program Files\Lexmark 1200 Series
2008-04-20 14:21 . 2008-04-20 14:21 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Skype
2008-04-18 11:54 . 2008-04-18 11:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-04-15 15:05 . 2008-04-15 15:05 <DIR> d-------- C:\Lexmark
2008-04-15 14:52 . 2008-05-12 07:44 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Tibo Software
2008-04-15 14:52 . 2008-05-12 07:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Tibo Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-14 03:37 --------- d-----w C:\Program Files\Common Files\Scanner
2008-05-14 03:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-05-14 01:47 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-05-14 01:46 --------- d-----w C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-05-13 22:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-13 21:53 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-13 21:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-12 11:47 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-12 11:44 --------- d-----w C:\Program Files\Yahoo! Games
2008-05-12 01:33 --------- d-----w C:\Program Files\Enigma Software Group
2008-05-11 22:29 3,940 ----a-w C:\WINDOWS\system32\tmp.reg
2008-05-10 14:05 --------- d-----w C:\Documents and Settings\Owner\Application Data\WeatherBug
2008-05-05 13:55 --------- d-----w C:\Documents and Settings\Owner\Application Data\AdobeUM
2008-05-04 17:22 --------- d-----w C:\Documents and Settings\Owner\Application Data\LimeWire
2008-04-19 04:17 --------- d-----w C:\Documents and Settings\Owner\Application Data\Arcsoft
2008-04-18 19:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\IMVU
2008-04-18 13:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-18 12:12 --------- d--h--r C:\Documents and Settings\Owner\Application Data\yahoo!
2008-04-18 12:12 --------- d-----w C:\Program Files\Yahoo!
2008-04-18 12:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-04-18 12:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\yahoo!
2008-04-13 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-03-29 11:52 --------- d-----w C:\Documents and Settings\Owner\Application Data\webex
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-18 16:55 81 ----a-w C:\CTX.DAT
2008-03-17 23:37 2,022 ----a-w C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2008-02-25 00:18 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-16 08:59 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-01-20 07:13 5,761 ----a-w C:\Program Files\install.log
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{058F751D-974A-4C19-911F-E340FDE9B892}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{12465D45-0AF5-4144-813E-31C1717A3E6D}] C:\WINDOWS\system32\awttttSk.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A9D9A1C-E991-453C-B93D-C4C140406168}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54CC9E4F-8C8D-4D84-8095-ADF3DF499FFF}] C:\WINDOWS\system32\fccBUOEV.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6bbbfa1c-91e5-474e-911a-9d185977b6ac}] C:\WINDOWS\system32\rlposcxm.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89BB8E18-EDDA-437E-B3DB-9EA980E07966}] 2008-05-14 10:43 314448 --a------ C:\WINDOWS\system32\xxywwvvt.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8FA43625-2881-4C5C-A366-93468DBF20E6}] C:\WINDOWS\system32\wvUkjJDU.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8}] 2008-05-10 09:52 25728 --a------ C:\WINDOWS\system32\vtUkHaXP.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFCFDA08-88EA-425D-AA70-0E7898F9C1C2}] C:\WINDOWS\system32\urqQiFUk.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-03-01 22:11 4670968]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [2006-04-07 17:02 1343488]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24 286720]
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-04 00:51 131072]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-07-12 05:50 81920]
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 17:31 80896]
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 13:22 57344]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-12 05:50 4112384]
"c0f48076"="C:\WINDOWS\system32\dyriunpr.dll" [ ]
"combofix"="C:\WINDOWS\system32\CF30263.exe" [2004-08-04 15:00 388608]
"BMc3c7b3ea"="C:\WINDOWS\system32\kreoluea.dll" [2008-05-14 09:43 90288]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8}"= C:\WINDOWS\system32\vtUkHaXP.dll [2008-05-10 09:52 25728]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtUkHaXP]
vtUkHaXP.dll 2008-05-10 09:52 25728 C:\WINDOWS\system32\vtUkHaXP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\xxywwvvt

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
backup=C:\WINDOWS\pss\BigFix.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\am]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection] --a------ 2004-03-19 18:17 78960 C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] --a------ 2008-02-22 11:33 72192 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMc3c7b3ea] --a------ 2008-05-12 00:16 90208 C:\WINDOWS\system32\hryygbke.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c0f48076] C:\WINDOWS\system32\msswflfo.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2004-07-12 05:50 4112384 C:\WINDOWS\system32\NvCpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] --a------ 2003-10-31 23:42 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM] --a------ 2004-10-18 18:05 135168 C:\Program Files\Digital Media Reader\shwiconem.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] --a------ 2008-02-29 16:03 1481968 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager] --a------ 2007-03-01 22:11 4670968 C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

R2 ACDaemon;ArcSoft Connect Daemon;C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-02-22 11:33]
S3 ICAM3NT5;Intel USB Video Camera III;C:\WINDOWS\system32\Drivers\Icam3.sys [2001-08-17 15:05]

.
Contents of the 'Scheduled Tasks' folder
"2008-05-13 22:43:50 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
"2008-05-13 22:43:49 C:\WINDOWS\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-14 10:38:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\system32\tvvwwyxx.ini 347 bytes
C:\WINDOWS\system32\tvvwwyxx.ini2 347 bytes
C:\WINDOWS\system32\xxywwvvt.dll 314448 bytes executable

scan completed successfully
hidden files: 3

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\vtUkHaXP.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
C:\PROGRA~1\COMMON~1\McAfee\RedirSvc\RedirSvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\WINDOWS\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2008-05-14 10:48:40 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-14 14:48:29
ComboFix2.txt 2008-05-12 12:01:58

Pre-Run: 19,013,328,896 bytes free
Post-Run: 18,987,180,032 bytes free
Generated 05/14/2008 at 10:17 AM
Application Version : 4.0.1154
Core Rules Database Version : 3460
Trace Rules Database Version: 1451

Scan type : Quick Scan
Total Scan Time : 00:14:13

Memory items scanned : 485
Memory threats detected : 3
Registry items scanned : 416
Registry threats detected : 8
File items scanned : 6115
File threats detected : 6

Adware.Vundo Variant/Resident
C:\WINDOWS\SYSTEM32\FCCBUOEV.DLL
C:\WINDOWS\SYSTEM32\FCCBUOEV.DLL
C:\WINDOWS\SYSTEM32\QOMGGDAX.DLL
C:\WINDOWS\SYSTEM32\QOMGGDAX.DLL

Trojan.Downloader-NewJuan/VM
C:\WINDOWS\SYSTEM32\RLPOSCXM.DLL
C:\WINDOWS\SYSTEM32\RLPOSCXM.DLL

Adware.Vundo-Variant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05745F5D-7628-4DBA-9606-40F413CFE92D}
HKCR\CLSID\{05745F5D-7628-4DBA-9606-40F413CFE92D}
HKCR\CLSID\{05745F5D-7628-4DBA-9606-40F413CFE92D}\InprocServer32
HKCR\CLSID\{05745F5D-7628-4DBA-9606-40F413CFE92D}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2938A35D-20D3-4131-855B-A7FF71C21CB1}
HKCR\CLSID\{2938A35D-20D3-4131-855B-A7FF71C21CB1}
HKCR\CLSID\{2938A35D-20D3-4131-855B-A7FF71C21CB1}\InprocServer32
HKCR\CLSID\{2938A35D-20D3-4131-855B-A7FF71C21CB1}\InprocServer32#ThreadingModel

Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@clickbank[2].txt
C:\Documents and Settings\Owner\Cookies\owner@indextools[2].txt
C:\Documents and Settings\Owner\Cookies\owner@82.98.235[1].txt