fakeeoghan

The message still appears and I cannot find that soundtaskmgr in the task manager's list of processes. Here's the new HJT Log. Logfile of HijackThis v1.99.1 Scan saved at 17:43:46, on 10/11/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss[Caution: ExecutableFile] C:\WINNT\system32\winlogon[Caution: ExecutableFile] C:\WINNT\system32\services[Caution: ExecutableFile] C:\WINNT\system32\lsass[Caution: ExecutableFile] C:\WINNT\system32\ibmpmsvc[Caution: ExecutableFile] C:\WINNT\system32\svchost[Caution: ExecutableFile] C:\WINNT\System32\svchost[Caution: ExecutableFile] C:\WINNT\system32\spoolsv[Caution: ExecutableFile] C:\WINNT\system32\Ati2evxx[Caution: ExecutableFile] C:\Program Files\AVPersonal\AVWUPSRV[Caution: ExecutableFile] C:\WINNT\system32\CTsvcCDA[Caution: ExecutableFile] C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr[Caution: ExecutableFile] C:\WINNT\Explorer[Caution: ExecutableFile] C:\WINNT\System32\NTME\METHWNT[Caution: ExecutableFile] C:\WINNT\System32\NTME\brad32[Caution: ExecutableFile] C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc[Caution: ExecutableFile] C:\WINNT\System32\QCONSVC[Caution: ExecutableFile] C:\WINNT\system32\MSTask[Caution: ExecutableFile] C:\WINNT\system32\ScsiAccess[Caution: ExecutableFile] C:\WINNT\System32\WBEM\WinMgmt[Caution: ExecutableFile] C:\WINNT\System32\mspmspsv[Caution: ExecutableFile] C:\WINNT\system32\svchost[Caution: ExecutableFile] C:\WINNT\system32\tp4serv[Caution: ExecutableFile] C:\WINNT\system32\atiptaxx[Caution: ExecutableFile] C:\WINNT\LTSMMSG[Caution: ExecutableFile] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR[Caution: ExecutableFile] C:\WINNT\system32\PRPCUI[Caution: ExecutableFile] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY[Caution: ExecutableFile] C:\Program Files\AVPersonal\AVSched32[Caution: ExecutableFile] C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile] C:\WINNT\AGRSMMSG[Caution: ExecutableFile] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: ExecutableFile] C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile] C:\Program Files\QuickTime\qttask[Caution: ExecutableFile] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] C:\WINNT\system32\internat[Caution: ExecutableFile] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile] C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile] C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile] C:\Program Files\a-squared\a2guard[Caution: ExecutableFile] C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: ExecutableFile] C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile] C:\2003\AUSTIN\Eoghan\runescape stuff\runescape[Caution: ExecutableFile] C:\Documents and Settings\Admin\Desktop\Hijack\HijackThis[Caution: ExecutableFile] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://66.250.171.137/dpindex.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=proxy.aon.at:8080;http=proxy.aon.at:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.aon.at;*.jet2web.net; F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit[Caution: ExecutableFile] O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TrackPointSrv] tp4serv[Caution: ExecutableFile] O4 - HKLM\..\Run: [AtiPTA] atiptaxx[Caution: ExecutableFile] O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG[Caution: ExecutableFile] O4 - HKLM\..\Run: [synchronization Manager] mobsync[Caution: ExecutableFile] /logon O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR[Caution: ExecutableFile] O4 - HKLM\..\Run: [TP4EX] tp4ex[Caution: ExecutableFile] O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI[Caution: ExecutableFile] O4 - HKLM\..\Run: [TPTRAY] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY[Caution: ExecutableFile] O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\NTFSCLUP[Caution: ExecutableFile] O4 - HKLM\..\Run: [CSScheduleCheck] C:\CFGSAFE\SCHWIZEX[Caution: ExecutableFile] -CHECK O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32[Caution: ExecutableFile] /min O4 - HKLM\..\Run: [sbar] "C:\WINNT\regit[Caution: ExecutableFile]" C:\WINNT O4 - HKLM\..\Run: [sountskmanager] sountaskmgr O4 - HKLM\..\Run: [AspConfig] C:\WINNT\AspConfig[Caution: ExecutableFile] O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG[Caution: ExecutableFile] O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO[Caution: ExecutableFile] O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect[Caution: ExecutableFile] O4 - HKLM\..\Run: [ssAAD[Caution: ExecutableFile]] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: ExecutableFile] O4 - HKLM\..\Run: [ WinINet] C:\WINNT\ConnectionStatus\services[Caution: ExecutableFile] O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime O4 - HKLM\..\Run: [ WinCheck] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [sountskmanager] sountaskmgr O4 - HKCU\..\Run: [internat[Caution: ExecutableFile]] internat[Caution: ExecutableFile] O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile] /R O4 - HKCU\..\Run: [spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile]" /Q O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [_WinINet] C:\WINNT\ConnectionStatus\services[Caution: ExecutableFile] O4 - HKCU\..\Run: [_WinCheck] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard[Caution: ExecutableFile]" O4 - Global Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\Netzip Download Demon[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b27571.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b30149.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b27571.cab O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/o ... winrep.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4126470871 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b27571.cab O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promot ... WebAAS.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZI ... b34246.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.ne ... tector.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/defaul ... der_v6.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O17 - HKLM\System\CCS\Services\Tcpip\..\{339C5575-6924-44D2-A335-9B73A7F4FDC4}: NameServer = 195.3.96.67 195.3.96.68 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter: text/html - {5C13EB45-8423-4758-A45C-4FF84011705D} - C:\Documents and Settings\Admin\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD[Caution: ExecutableFile] O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx[Caution: ExecutableFile] O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV[Caution: ExecutableFile] O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\system32\CTsvcCDA[Caution: ExecutableFile] O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin[Caution: ExecutableFile] O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\system32\ibmpmsvc[Caution: ExecutableFile] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile] O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] O23 - Service: Mouse Button Monitor (mousebm) - Unknown owner - C:\WINNT\system32\mousebm[Caution: ExecutableFile] (file missing) O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV[Caution: ExecutableFile] O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr[Caution: ExecutableFile]" -sSQLEXPRESS (file missing) O23 - Service: netinfo - Unknown owner - C:\WINNT\netinfo[Caution: ExecutableFile] (file missing) O23 - Service: Network Associates Management Agent - Network Associates - C:\WINNT\System32\NTME\METHWNT[Caution: ExecutableFile] O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR[Caution: ExecutableFile] O23 - Service: ptssvc - KODAK - C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc[Caution: ExecutableFile] O23 - Service: QCONSVC - Unknown owner - C:\WINNT\System32\QCONSVC[Caution: ExecutableFile] O23 - Service: ScsiAccess - Unknown owner - C:\WINNT\system32\ScsiAccess[Caution: ExecutableFile] O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV[Caution: ExecutableFile] O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: ExecutableFile] O23 - Service: System Messenger Service (WINSMSC) - Unknown owner - C:\WINNT\smsc[Caution: ExecutableFile] (file missing)

Ok I'm thinking about buy this computer. I don't need anything ridiculous but I'd like to be able to play all currently released games as well as have multiple programs running at the same time. This is one that my cousin found for me. It costs 820euro. It's from a german site but you should understand everything. Is it worth the money? ÃÆââââ‰â¬ÅÃâê AMD GameSolution X3200 - ASUS SLI - AMD Athlon64 3200+ - 1 GB DDR RAM - 200GB - DVD-Writer - ATI X800GT AMD Athlon 64 3200+ Venice Kern S.939 - 1GB DDR RAM PC400 Markenspeicher - 200 GB Maxtor 8MB Cache 7200rpm - DVD-BRENNER LG4167b DualLayer 16X +/- - ATI Radeon X800GT 256MB DVI TV-out - ASUS A8N-SLI Deluxe / NVIDIA nForce 4 SLI Chipset / HT 1000 Support / Dual Ch. / SATA II 4xSATA RAID 5 / 6xUSB2.0 / Dual GigaBit Network / 6 Kanal Audio / 2x IDE / AI N.O.S / PEG Link / Dual PCI-ex16 - Goldadler Multimedia Tower - 400W POWER NT

I'm sorry, what O4 line? and what about this soundtaskmgr thing? Do I forget that? Got to sleep noe but I'll check back tomorrow

I don't have a C:\WINDOWS\System32 but I do have C:\WINNT\System32. I checked that folder and there's no soundtaskmgr. Where else should I look or do I have to run a search on my whole computer?

And here's the HJT log for after the ewido scan: Logfile of HijackThis v1.99.1 Scan saved at 16:49:23, on 08/11/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss[Caution: ExecutableFile] C:\WINNT\system32\winlogon[Caution: ExecutableFile] C:\WINNT\system32\services[Caution: ExecutableFile] C:\WINNT\system32\lsass[Caution: ExecutableFile] C:\WINNT\system32\ibmpmsvc[Caution: ExecutableFile] C:\WINNT\system32\svchost[Caution: ExecutableFile] C:\WINNT\System32\svchost[Caution: ExecutableFile] C:\WINNT\system32\spoolsv[Caution: ExecutableFile] C:\WINNT\system32\Ati2evxx[Caution: ExecutableFile] C:\Program Files\AVPersonal\AVWUPSRV[Caution: ExecutableFile] C:\WINNT\system32\CTsvcCDA[Caution: ExecutableFile] c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr[Caution: ExecutableFile] C:\WINNT\Explorer[Caution: ExecutableFile] C:\WINNT\System32\NTME\METHWNT[Caution: ExecutableFile] C:\WINNT\System32\NTME\brad32[Caution: ExecutableFile] C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc[Caution: ExecutableFile] C:\WINNT\System32\QCONSVC[Caution: ExecutableFile] C:\WINNT\system32\MSTask[Caution: ExecutableFile] C:\WINNT\system32\ScsiAccess[Caution: ExecutableFile] C:\WINNT\System32\WBEM\WinMgmt[Caution: ExecutableFile] C:\WINNT\System32\mspmspsv[Caution: ExecutableFile] C:\WINNT\system32\svchost[Caution: ExecutableFile] C:\WINNT\system32\tp4serv[Caution: ExecutableFile] C:\WINNT\system32\atiptaxx[Caution: ExecutableFile] C:\WINNT\LTSMMSG[Caution: ExecutableFile] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR[Caution: ExecutableFile] C:\WINNT\system32\PRPCUI[Caution: ExecutableFile] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY[Caution: ExecutableFile] C:\Program Files\AVPersonal\AVSched32[Caution: ExecutableFile] C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile] C:\WINNT\AGRSMMSG[Caution: ExecutableFile] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: ExecutableFile] C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile] C:\Program Files\QuickTime\qttask[Caution: ExecutableFile] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] C:\WINNT\system32\internat[Caution: ExecutableFile] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile] C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile] C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile] C:\Program Files\a-squared\a2guard[Caution: ExecutableFile] C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: ExecutableFile] C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR[Caution: ExecutableFile] C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex[Caution: ExecutableFile] C:\WINNT\system32\NOTEPAD[Caution: ExecutableFile] C:\Documents and Settings\Admin\Desktop\Hijack\HijackThis[Caution: ExecutableFile] C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://66.250.171.137/dpindex.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=proxy.aon.at:8080;http=proxy.aon.at:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.aon.at;*.jet2web.net; F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit[Caution: ExecutableFile] O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TrackPointSrv] tp4serv[Caution: ExecutableFile] O4 - HKLM\..\Run: [AtiPTA] atiptaxx[Caution: ExecutableFile] O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG[Caution: ExecutableFile] O4 - HKLM\..\Run: [synchronization Manager] mobsync[Caution: ExecutableFile] /logon O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR[Caution: ExecutableFile] O4 - HKLM\..\Run: [TP4EX] tp4ex[Caution: ExecutableFile] O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI[Caution: ExecutableFile] O4 - HKLM\..\Run: [TPTRAY] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY[Caution: ExecutableFile] O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\NTFSCLUP[Caution: ExecutableFile] O4 - HKLM\..\Run: [CSScheduleCheck] C:\CFGSAFE\SCHWIZEX[Caution: ExecutableFile] -CHECK O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32[Caution: ExecutableFile] /min O4 - HKLM\..\Run: [sbar] "C:\WINNT\regit[Caution: ExecutableFile]" C:\WINNT O4 - HKLM\..\Run: [sountskmanager] sountaskmgr O4 - HKLM\..\Run: [AspConfig] C:\WINNT\AspConfig[Caution: ExecutableFile] O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG[Caution: ExecutableFile] O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO[Caution: ExecutableFile] O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect[Caution: ExecutableFile] O4 - HKLM\..\Run: [ssAAD[Caution: ExecutableFile]] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: ExecutableFile] O4 - HKLM\..\Run: [ WinINet] C:\WINNT\ConnectionStatus\services[Caution: ExecutableFile] O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime O4 - HKLM\..\Run: [ WinCheck] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [sountskmanager] sountaskmgr O4 - HKCU\..\Run: [internat[Caution: ExecutableFile]] internat[Caution: ExecutableFile] O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile] /R O4 - HKCU\..\Run: [spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile]" /Q O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [_WinINet] C:\WINNT\ConnectionStatus\services[Caution: ExecutableFile] O4 - HKCU\..\Run: [_WinCheck] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard[Caution: ExecutableFile]" O4 - Global Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\Netzip Download Demon[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b27571.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b30149.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b27571.cab O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/o ... winrep.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4126470871 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b27571.cab O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promot ... WebAAS.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZI ... b34246.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.ne ... tector.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/defaul ... der_v6.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O17 - HKLM\System\CCS\Services\Tcpip\..\{339C5575-6924-44D2-A335-9B73A7F4FDC4}: NameServer = 195.3.96.67 195.3.96.68 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter: text/html - {5C13EB45-8423-4758-A45C-4FF84011705D} - C:\Documents and Settings\Admin\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD[Caution: ExecutableFile] O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx[Caution: ExecutableFile] O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV[Caution: ExecutableFile] O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\system32\CTsvcCDA[Caution: ExecutableFile] O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin[Caution: ExecutableFile] O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\system32\ibmpmsvc[Caution: ExecutableFile] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile] O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] O23 - Service: Mouse Button Monitor (mousebm) - Unknown owner - C:\WINNT\system32\mousebm[Caution: ExecutableFile] (file missing) O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV[Caution: ExecutableFile] O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr[Caution: ExecutableFile]" -sSQLEXPRESS (file missing) O23 - Service: netinfo - Unknown owner - C:\WINNT\netinfo[Caution: ExecutableFile] (file missing) O23 - Service: Network Associates Management Agent - Network Associates - C:\WINNT\System32\NTME\METHWNT[Caution: ExecutableFile] O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR[Caution: ExecutableFile] O23 - Service: ptssvc - KODAK - C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc[Caution: ExecutableFile] O23 - Service: QCONSVC - Unknown owner - C:\WINNT\System32\QCONSVC[Caution: ExecutableFile] O23 - Service: ScsiAccess - Unknown owner - C:\WINNT\system32\ScsiAccess[Caution: ExecutableFile] O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV[Caution: ExecutableFile] O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: ExecutableFile] O23 - Service: System Messenger Service (WINSMSC) - Unknown owner - C:\WINNT\smsc[Caution: ExecutableFile] (file missing)

I did the ewido scan and deleted everything it found. The log is below. I then ran HJT and that log is in the following post --------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 16:48:06, 08/11/2005 + Report-Checksum: D1829270 + Scan result: HKLM\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\TypeLib\\ -> Spyware.180Solutions : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{43E2DBE5-8C8A-4519-9684-8CD7F39A5147} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{43E2DBE5-8C8A-4519-9684-8CD7F39A5147}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4CEBBC6B-5CEE-4644-80CF-38980BAE93F6} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4CEBBC6B-5CEE-4644-80CF-38980BAE93F6}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -> Spyware.GameSpyArcade : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{DA3609D1-3E96-4726-A17F-30F46AE89726} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{DA3609D1-3E96-4726-A17F-30F46AE89726}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj -> Spyware.BetterInternet : Cleaned with backup HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj\CLSID -> Spyware.BetterInternet : Cleaned with backup HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj\CLSID\\ -> Spyware.VX2 : Cleaned with backup HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj\CurVer -> Spyware.BetterInternet : Cleaned with backup HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj.1 -> Spyware.BetterInternet : Cleaned with backup HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj.1\CLSID\\ -> Spyware.VX2 : Cleaned with backup HKLM\SOFTWARE\Classes\GSDA.GSDACtl\CLSID\\ -> Spyware.GameSpyArcade : Cleaned with backup HKLM\SOFTWARE\Classes\GSDA.GSDACtl.1\CLSID\\ -> Spyware.GameSpyArcade : Cleaned with backup HKLM\SOFTWARE\Classes\IExplorr23.clsDW\Clsid\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\IExplorr23.clsIS\Clsid\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\IExplorr24.clsDW -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\IExplorr24.clsDW\Clsid -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\IExplorr24.clsDW\Clsid\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\IExplorr24.clsIS\Clsid\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{338F1D89-A419-4C40-96E3-C29C978A7DF6} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{338F1D89-A419-4C40-96E3-C29C978A7DF6}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{C08175C6-B2B2-47FC-AF1A-32F77A6CB673} -> Spyware.VX2 : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{C08175C6-B2B2-47FC-AF1A-32F77A6CB673}\TypeLib\\ -> Spyware.VX2 : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{CBD7E8BE-0E1E-441D-B133-E26F5636CCCF} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{CBD7E8BE-0E1E-441D-B133-E26F5636CCCF}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{E41774F1-63E7-44ED-A03A-FF8422F9AFF0} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{E41774F1-63E7-44ED-A03A-FF8422F9AFF0}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib\\ -> Spyware.180Solutions : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{FC385F81-0109-4FA8-AAD0-53B4A9A5DD2B} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{FC385F81-0109-4FA8-AAD0-53B4A9A5DD2B}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Spyware.WinAd : Cleaned with backup HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Spyware.WinAd : Cleaned with backup HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Spyware.WinAd : Cleaned with backup HKLM\SOFTWARE\Classes\MediaAccX.Installer -> Spyware.WinAd : Cleaned with backup HKLM\SOFTWARE\Classes\MediaAccX.Installer\CLSID -> Spyware.WinAd : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{1620D17D-F2B5-43BE-8ED4-6B22E321D2A3} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{22CBCB4C-E9DF-4D25-86BC-FFDA4DF8FC06} -> Spyware.InetSpeak : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{230C3786-1C2C-45BD-9D2D-9D277FCE6289} -> Spyware.VX2 : Cleaned with backup HKLM\SOFTWARE\Classes\WinAdToolsX.Installer -> Spyware.BlazeFind : Cleaned with backup HKLM\SOFTWARE\Classes\WinAdToolsX.Installer\CLSID -> Spyware.BlazeFind : Cleaned with backup HKLM\SOFTWARE\Classes\WinAdToolsX.Installer\CLSID\\ -> Spyware.WinFavorites : Cleaned with backup HKLM\SOFTWARE\Classes\WinCommX.Installer -> Spyware.BlazeFind : Cleaned with backup HKLM\SOFTWARE\Classes\WinCommX.Installer\CLSID -> Spyware.BlazeFind : Cleaned with backup HKLM\SOFTWARE\Classes\WinCommX.Installer\CLSID\\ -> Spyware.WinFavorites : Cleaned with backup HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -> Spyware.GameSpyArcade : Cleaned with backup HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/BM2.dll\\.Owner -> Spyware.VX2 : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/BM2.dll\\{DDFFA75A-E81D-4454-89FC-B9FD0631E726} -> Spyware.VX2 : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/CONFLICT.1/HDPlugin1019.dll\\.Owner -> Spyware.Gator : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/CONFLICT.1/HDPlugin1019.dll\\{DBAE7000-01EC-4162-8FEB-8A27AC937CA0} -> Spyware.Gator : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/gsda.dll\\.Owner -> Spyware.GameSpyArcade : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/gsda.dll\\{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -> Spyware.GameSpyArcade : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/HDPlugin1018.dll\\.Owner -> Spyware.Gator : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/HDPlugin1018.dll\\{DBAE7000-01EC-4162-8FEB-8A27AC937CA0} -> Spyware.Gator : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/HDPlugin1019.dll\\.Owner -> Spyware.Gator : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/HDPlugin1019.dll\\{DBAE7000-01EC-4162-8FEB-8A27AC937CA0} -> Spyware.Gator : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/Install.dll\\.Owner -> Spyware.CnsMin : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/Install.dll\\{205FF73B-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/ISTactivex.dll\\.Owner -> Spyware.ISTBar : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/ISTactivex.dll\\{12398DD6-40AA-4C40-A4EC-A42CFC0DE797} -> Spyware.ISTBar : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/MediaTicketsInstaller.ocx\\.Owner -> Spyware.PurityScan : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/MediaTicketsInstaller.ocx\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/WinAdCtlX.dll\\.Owner -> Spyware.WinFavorites : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/WinAdCtlX.dll\\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/WinAdToolsX.dll\\.Owner -> Spyware.WinFavorites : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/WinAdToolsX.dll\\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/WinCommX.dll\\.Owner -> Spyware.WinFavorites : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/WinCommX.dll\\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/YSBactivex.dll\\.Owner -> Spyware.YourSiteBar : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/Downloaded Program Files/YSBactivex.dll\\{771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} -> Spyware.YourSiteBar : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/system32/mfc42.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/system32/msvcrt.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINNT/system32/olepro32.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rotue -> Spyware.InternetOptimizer : Cleaned with backup HKLM\SOFTWARE\WildMedia -> Spyware.MidAddle : Cleaned with backup HKLM\SOFTWARE\WildMedia\LicenseStores -> Spyware.MidAddle : Cleaned with backup HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup HKU\S-1-5-21-527237240-764733703-1343024091-1000\Software\DLMax -> Spyware.BetterInternet : Cleaned with backup HKU\S-1-5-21-527237240-764733703-1343024091-1000\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup HKU\S-1-5-21-527237240-764733703-1343024091-1000\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup C:\WINNT\system\UpdInstall[Caution: ExecutableFile] -> Spyware.VX2 : Cleaned with backup C:\WINNT\Explor[Caution: ExecutableFile] -> Heuristic.Win32.Dialer : Cleaned with backup C:\WINNT\CPU_[Caution: ExecutableFile] -> Dialer.Generic : Cleaned with backup C:\WINNT\iLookup -> Adware.eZula : Cleaned with backup C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> Spyware.Cookie.Hyperbanner : Cleaned with backup C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\BDAOUUFH\screen_photo[1].RB0/Screen_Photo.jpeg-graphic1[Caution: ExecutableFile] -> TrojanDropper.VB.iv : Cleaned with backup C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\5WOJDXCT\screen_photo[1].RB0/Screen_Photo.jpeg-graphic1[Caution: ExecutableFile] -> TrojanDropper.VB.iv : Cleaned with backup C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\6LRO9S7E\screen_photo[1].RB0/Screen_Photo.jpeg-graphic1[Caution: ExecutableFile] -> TrojanDropper.VB.iv : Cleaned with backup C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SV1FAQB1\mm[1].js -> Spyware.Chitika : Cleaned with backup C:\Documents and Settings\Admin\Cookies\[email protected][2].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\Admin\Cookies\admin@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup C:\Documents and Settings\Admin\Cookies\admin@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup C:\Documents and Settings\Admin\Cookies\[email protected][2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup C:\Documents and Settings\Admin\Cookies\[email protected][1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup C:\Documents and Settings\Admin\Cookies\admin@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup C:\Documents and Settings\Admin\Cookies\[email protected][2].txt -> Spyware.Cookie.Advertising : Cleaned with backup C:\Documents and Settings\Admin\Cookies\admin@oewabox[1].txt -> Spyware.Cookie.Oewabox : Cleaned with backup C:\Documents and Settings\Admin\Cookies\admin@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup :mozilla.10:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup :mozilla.11:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup :mozilla.12:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup :mozilla.13:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup :mozilla.14:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup :mozilla.15:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup :mozilla.25:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.26:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.27:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.28:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.29:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.30:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.31:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup :mozilla.37:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup :mozilla.44:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup :mozilla.45:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup :mozilla.46:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup :mozilla.59:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.60:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.61:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.62:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.63:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.64:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.65:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.66:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.67:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.68:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.69:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.70:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.71:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.72:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.73:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.74:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.75:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.76:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup :mozilla.77:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.78:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup :mozilla.79:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup :mozilla.80:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.81:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.82:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.83:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.84:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.85:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.86:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.87:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.88:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.89:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.90:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.91:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.92:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.93:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.94:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.95:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.96:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.97:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.98:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.99:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.100:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.101:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.102:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.103:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.104:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.105:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.106:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.107:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.108:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.109:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.110:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.111:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.112:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.113:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.114:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.115:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.116:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.117:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.118:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.119:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.120:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.121:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.122:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.123:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.124:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.125:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.126:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.127:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.142:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Oewabox : Cleaned with backup :mozilla.154:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup :mozilla.169:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Etracker : Cleaned with backup :mozilla.170:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.171:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.172:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.173:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.174:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup :mozilla.175:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup :mozilla.176:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.177:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup :mozilla.179:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.180:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.181:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup :mozilla.183:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup :mozilla.185:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup :mozilla.186:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup :mozilla.187:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.188:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.189:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.190:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.191:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.192:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.193:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.194:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.195:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.196:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup :mozilla.214:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup :mozilla.215:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.216:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup :mozilla.217:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.218:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup :mozilla.219:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup :mozilla.220:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.221:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.222:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.224:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.225:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.226:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.243:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup :mozilla.255:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.256:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.257:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.258:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.259:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.260:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup :mozilla.268:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup :mozilla.269:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup :mozilla.270:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup :mozilla.303:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup :mozilla.312:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.320:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.324:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup :mozilla.327:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup :mozilla.342:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup :mozilla.348:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup :mozilla.349:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup :mozilla.350:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup :mozilla.354:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup :mozilla.356:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup :mozilla.376:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup :mozilla.378:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup :mozilla.379:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup :mozilla.380:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup :mozilla.381:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup :mozilla.382:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup :mozilla.436:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup :mozilla.444:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup :mozilla.462:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.463:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.470:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.472:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.486:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.487:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.488:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.489:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup :mozilla.496:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.497:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.510:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup :mozilla.511:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup :mozilla.512:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup :mozilla.513:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup :mozilla.514:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup :mozilla.515:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup :mozilla.516:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup :mozilla.518:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup :mozilla.547:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup :mozilla.571:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.572:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.573:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.574:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.575:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.576:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.605:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Popularix : Cleaned with backup :mozilla.607:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.654:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup :mozilla.655:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup :mozilla.656:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup :mozilla.657:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup :mozilla.659:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup :mozilla.667:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup :mozilla.668:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup :mozilla.709:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup :mozilla.716:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup :mozilla.717:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup :mozilla.718:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup :mozilla.719:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup :mozilla.756:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup :mozilla.760:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.763:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.780:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.781:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.811:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup :mozilla.813:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup :mozilla.814:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup :mozilla.815:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup :mozilla.816:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup :mozilla.824:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.825:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.826:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.827:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.861:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup :mozilla.866:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup :mozilla.886:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.889:C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkidzyj9.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup C:\Documents and Settings\Admin\Complete\SWAT 4 + patch1.1.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Splinter Cell - Chaos Theory.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\10 Secrets To Great Sex - Secret 3.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Age of Mythology The Titans.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Symantec Norton Ghost 10.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Paris Dakar Rally.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\BlackICE PC Protection 3.6com.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\SWAT 4.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Transporter 2.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Trend Micro Pattern File 2.773.00.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Camtasia Studio 3.01.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\DEKSI Network Inventory 4.4.2.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Splinter Cell Pandora Tommorow.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Adobe Premier Pro 7.0.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Doom (2005) The.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\MP3 Audio Sound Recorder 1.32.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Avast Antivirus Pro 4.6.691.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\PC-Cillin Internet Security 2006.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Symantec Norton Mega Pack.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Auto MP3 Player 1.26.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\BeFaster 3.55.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\McAfee Virus Definitions 4555.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\3d Studio Max 8.0.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Elizabethtown.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Delta Force Xtreme + patch 1.6.5.0.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\The Myth (2005).RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Powerdvd Copy 1.0.0.701.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Aurora Video VCDDVD Converter&Crea.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Aurora Media Workshop 2.4.16.1.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Power Video Converter 1.4.11.1.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Plato DVD Ripper 1.30.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Archivarius 3000 3.23.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Easy DVD Clone 3.0.4.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Absolute Video Converter 2.5.6.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Game XP 1.5.8.10.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\NewsReactor 1.0.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\Easy GIF Animator 3.1.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\ImTOO DVD Audio Ripper 2.0.55.801.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\ImTOO 3GP Video Converter 2.1.50.810b.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Documents and Settings\Admin\Complete\ImTOO AVI MPEG Converter 2.1.50.810b.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup C:\Program Files\Media Access -> Adware.MediaAccess : Cleaned with backup C:\Program Files\Media Access\MediaAccess[Caution: ExecutableFile] -> Adware.MediaAccess : Cleaned with backup C:\Program Files\Media Access\Info.txt -> Adware.MediaAccess : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\MSBB[Caution: ExecutableFile].VIR -> Spyware.180Solutions : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\ANI[1].ANR.VIR -> TrojanDownloader.Ani.c : Cleaned with backup C:\Program Files\AVPersonal\INFECTED\M11[1].JPG.VIR/y.bat -> Trojan.Zapchast : Cleaned with backup C:\Program Files\winupdates\a.RB0/Setup[Caution: ExecutableFile] -> Worm.VB.an : Cleaned with backup ::Report End

I will do this and post the new log tomorrow

I deleted those things. I am still getting a message whenever I try to open my antivirus or HJT that says: AntiVirus (thats the title) No Viruses, Trojans or Spyware found! Status: OK I have to leave that message open and then try open HJT or my antivirus again. If I click ok or x the message it will just keep coming up when I click on HJT or my antivirus. Here's my HJT Log once again: Logfile of HijackThis v1.99.1 Scan saved at 12:24:18, on 07/11/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss[Caution: ExecutableFile] C:\WINNT\system32\winlogon[Caution: ExecutableFile] C:\WINNT\system32\services[Caution: ExecutableFile] C:\WINNT\system32\lsass[Caution: ExecutableFile] C:\WINNT\system32\ibmpmsvc[Caution: ExecutableFile] C:\WINNT\system32\svchost[Caution: ExecutableFile] C:\WINNT\System32\svchost[Caution: ExecutableFile] C:\WINNT\system32\spoolsv[Caution: ExecutableFile] C:\WINNT\system32\Ati2evxx[Caution: ExecutableFile] C:\Program Files\AVPersonal\AVWUPSRV[Caution: ExecutableFile] C:\WINNT\system32\CTsvcCDA[Caution: ExecutableFile] c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr[Caution: ExecutableFile] C:\WINNT\System32\NTME\METHWNT[Caution: ExecutableFile] C:\WINNT\System32\NTME\brad32[Caution: ExecutableFile] C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc[Caution: ExecutableFile] C:\WINNT\System32\QCONSVC[Caution: ExecutableFile] C:\WINNT\system32\MSTask[Caution: ExecutableFile] C:\WINNT\system32\ScsiAccess[Caution: ExecutableFile] C:\WINNT\System32\WBEM\WinMgmt[Caution: ExecutableFile] C:\WINNT\Explorer[Caution: ExecutableFile] C:\WINNT\System32\mspmspsv[Caution: ExecutableFile] C:\WINNT\system32\svchost[Caution: ExecutableFile] C:\WINNT\system32\tp4serv[Caution: ExecutableFile] C:\WINNT\system32\atiptaxx[Caution: ExecutableFile] C:\WINNT\LTSMMSG[Caution: ExecutableFile] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR[Caution: ExecutableFile] C:\WINNT\system32\PRPCUI[Caution: ExecutableFile] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY[Caution: ExecutableFile] C:\Program Files\AVPersonal\AVSched32[Caution: ExecutableFile] C:\WINNT\regit[Caution: ExecutableFile] C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile] C:\WINNT\AGRSMMSG[Caution: ExecutableFile] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: ExecutableFile] C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile] C:\Program Files\QuickTime\qttask[Caution: ExecutableFile] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] C:\WINNT\system32\internat[Caution: ExecutableFile] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile] C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile] C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile] C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] C:\Program Files\a-squared\a2guard[Caution: ExecutableFile] C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: ExecutableFile] C:\Program Files\Real\RealPlayer\RealPlay[Caution: ExecutableFile] C:\Documents and Settings\Admin\Desktop\Hijack\HijackThis[Caution: ExecutableFile] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://66.250.171.137/dpindex.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=proxy.aon.at:8080;http=proxy.aon.at:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.aon.at;*.jet2web.net; F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit[Caution: ExecutableFile] O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TrackPointSrv] tp4serv[Caution: ExecutableFile] O4 - HKLM\..\Run: [AtiPTA] atiptaxx[Caution: ExecutableFile] O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG[Caution: ExecutableFile] O4 - HKLM\..\Run: [synchronization Manager] mobsync[Caution: ExecutableFile] /logon O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR[Caution: ExecutableFile] O4 - HKLM\..\Run: [TP4EX] tp4ex[Caution: ExecutableFile] O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI[Caution: ExecutableFile] O4 - HKLM\..\Run: [TPTRAY] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY[Caution: ExecutableFile] O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\NTFSCLUP[Caution: ExecutableFile] O4 - HKLM\..\Run: [CSScheduleCheck] C:\CFGSAFE\SCHWIZEX[Caution: ExecutableFile] -CHECK O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32[Caution: ExecutableFile] /min O4 - HKLM\..\Run: [sbar] "C:\WINNT\regit[Caution: ExecutableFile]" C:\WINNT O4 - HKLM\..\Run: [sountskmanager] sountaskmgr O4 - HKLM\..\Run: [AspConfig] C:\WINNT\AspConfig[Caution: ExecutableFile] O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG[Caution: ExecutableFile] O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO[Caution: ExecutableFile] O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect[Caution: ExecutableFile] O4 - HKLM\..\Run: [ssAAD[Caution: ExecutableFile]] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: ExecutableFile] O4 - HKLM\..\Run: [ WinINet] C:\WINNT\ConnectionStatus\services[Caution: ExecutableFile] O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime O4 - HKLM\..\Run: [ WinCheck] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [sountskmanager] sountaskmgr O4 - HKCU\..\Run: [internat[Caution: ExecutableFile]] internat[Caution: ExecutableFile] O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile] /R O4 - HKCU\..\Run: [spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile]" /Q O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [_WinINet] C:\WINNT\ConnectionStatus\services[Caution: ExecutableFile] O4 - HKCU\..\Run: [_WinCheck] C:\WINNT\ConnectionStatus\Microsoft\services[Caution: ExecutableFile] O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard[Caution: ExecutableFile]" O4 - Global Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\Netzip Download Demon[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b27571.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b30149.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b27571.cab O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/o ... winrep.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4126470871 O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/softwar ... launch.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b27571.cab O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promot ... WebAAS.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZI ... b34246.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.ne ... tector.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/defaul ... der_v6.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O17 - HKLM\System\CCS\Services\Tcpip\..\{339C5575-6924-44D2-A335-9B73A7F4FDC4}: NameServer = 195.3.96.67 195.3.96.68 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ECO-CEE.at.schneider-electric.com O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter: text/html - {5C13EB45-8423-4758-A45C-4FF84011705D} - C:\Documents and Settings\Admin\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD[Caution: ExecutableFile] O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx[Caution: ExecutableFile] O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV[Caution: ExecutableFile] O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\system32\CTsvcCDA[Caution: ExecutableFile] O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin[Caution: ExecutableFile] O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINNT\system32\ibmpmsvc[Caution: ExecutableFile] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile] O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] O23 - Service: Mouse Button Monitor (mousebm) - Unknown owner - C:\WINNT\system32\mousebm[Caution: ExecutableFile] (file missing) O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV[Caution: ExecutableFile] O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr[Caution: ExecutableFile]" -sSQLEXPRESS (file missing) O23 - Service: netinfo - Unknown owner - C:\WINNT\netinfo[Caution: ExecutableFile] (file missing) O23 - Service: Network Associates Management Agent - Network Associates - C:\WINNT\System32\NTME\METHWNT[Caution: ExecutableFile] O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR[Caution: ExecutableFile] O23 - Service: ptssvc - KODAK - C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc[Caution: ExecutableFile] O23 - Service: QCONSVC - Unknown owner - C:\WINNT\System32\QCONSVC[Caution: ExecutableFile] O23 - Service: ScsiAccess - Unknown owner - C:\WINNT\system32\ScsiAccess[Caution: ExecutableFile] O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV[Caution: ExecutableFile] O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: ExecutableFile] O23 - Service: System Messenger Service (WINSMSC) - Unknown owner - C:\WINNT\smsc[Caution: ExecutableFile] (file missing)

You press the print screen button. Usually in the top right of the keyboard and abbreviated to PrtSc or something like that. then you paste it in paint or photoshop oor wherever.

I think the trojan is gone. Task manager is opening fine as well as my antivirus and HJT. Here is the new HJT Log: Logfile of HijackThis v1.99.1 Scan saved at 02:56:16, on 07/11/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss[Caution: ExecutableFile] C:\WINNT\system32\winlogon[Caution: ExecutableFile] C:\WINNT\system32\services[Caution: ExecutableFile] C:\WINNT\system32\lsass[Caution: ExecutableFile] C:\WINNT\system32\ibmpmsvc[Caution: ExecutableFile] C:\WINNT\system32\svchost[Caution: ExecutableFile] C:\WINNT\System32\svchost[Caution: ExecutableFile] C:\WINNT\system32\spoolsv[Caution: ExecutableFile] C:\WINNT\system32\Ati2evxx[Caution: ExecutableFile] C:\WINNT\system32\CTsvcCDA[Caution: ExecutableFile] c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr[Caution: ExecutableFile] C:\WINNT\System32\NTME\METHWNT[Caution: ExecutableFile] C:\WINNT\System32\NTME\brad32[Caution: ExecutableFile] C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc[Caution: ExecutableFile] C:\WINNT\System32\QCONSVC[Caution: ExecutableFile] C:\WINNT\system32\MSTask[Caution: ExecutableFile] C:\WINNT\system32\ScsiAccess[Caution: ExecutableFile] C:\WINNT\System32\WBEM\WinMgmt[Caution: ExecutableFile] C:\WINNT\System32\mspmspsv[Caution: ExecutableFile] C:\WINNT\system32\svchost[Caution: ExecutableFile] C:\WINNT\Explorer[Caution: ExecutableFile] C:\WINNT\system32\tp4serv[Caution: ExecutableFile] C:\WINNT\system32\atiptaxx[Caution: ExecutableFile] C:\WINNT\LTSMMSG[Caution: ExecutableFile] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR[Caution: ExecutableFile] C:\WINNT\system32\PRPCUI[Caution: ExecutableFile] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY[Caution: ExecutableFile] C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile] C:\WINNT\AGRSMMSG[Caution: ExecutableFile] C:\Program Files\Media Access\MediaAccess[Caution: ExecutableFile] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] C:\PROGRA~1\Sony\SONICS~1\SsAAD[Caution: ExecutableFile] C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile] C:\Program Files\QuickTime\qttask[Caution: ExecutableFile] C:\WINNT\system32\internat[Caution: ExecutableFile] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile] C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile] C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile] C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV[Caution: ExecutableFile] C:\Program Files\a-squared\a2guard[Caution: ExecutableFile] C:\Program Files\Media Access\MediaAccK[Caution: ExecutableFile] C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR[Caution: ExecutableFile] C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex[Caution: ExecutableFile] C:\Program Files\AVPersonal\AVWUPSRV[Caution: ExecutableFile] C:\Program Files\AVPersonal\AVSched32[Caution: ExecutableFile] C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile] C:\Documents and Settings\Admin\Desktop\Hijack\HijackThis[Caution: ExecutableFile] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://66.250.171.137/dpindex.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=proxy.aon.at:8080;http=proxy.aon.at:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.aon.at;*.jet2web.net; R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit[Caution: ExecutableFile] O1 - Hosts: 66.250.171.167 sitefinder.verisign.com O1 - Hosts: 66.250.171.167 sitefinder-idn.verisign.com O1 - Hosts: 66.250.57.9 view.atdmt.com O1 - Hosts: 66.250.57.9 click.atdmt.com O1 - Hosts: 66.250.57.9 leader.linkexchange.com O1 - Hosts: 66.250.57.9 pagead2.googlesyndication.com O2 - BHO: DLMaxObj Class - {00000000-59D4-4008-9058-080011001200} - C:\WINNT\dlmax.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: iMeshBar BHO - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing) O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SE-Toolbar - {691AFBC1-3C46-406D-AD22-EB3A0F665FC1} - C:\WINNT\system32\setoolbar.dll O3 - Toolbar: iMeshBar - {5345A7A9-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing) O4 - HKLM\..\Run: [TrackPointSrv] tp4serv[Caution: ExecutableFile] O4 - HKLM\..\Run: [AtiPTA] atiptaxx[Caution: ExecutableFile] O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG[Caution: ExecutableFile] O4 - HKLM\..\Run: [synchronization Manager] mobsync[Caution: ExecutableFile] /logon O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR[Caution: ExecutableFile] O4 - HKLM\..\Run: [TP4EX] tp4ex[Caution: ExecutableFile] O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI[Caution: ExecutableFile] O4 - HKLM\..\Run: [TPTRAY] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY[Caution: ExecutableFile] O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\NTFSCLUP[Caution: ExecutableFile] O4 - HKLM\..\Run: [CSScheduleCheck] C:\CFGSAFE\SCHWIZEX[Caution: ExecutableFile] -CHECK O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32[Caution: ExecutableFile] /min O4 - HKLM\..\Run: [sbar] "C:\WINNT\regit[Caution: ExecutableFile]" C:\WINNT O4 - HKLM\..\Run: [sountskmanager] sountaskmgr O4 - HKLM\..\Run: [AspConfig] C:\WINNT\AspConfig[Caution: ExecutableFile] O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG[Caution: ExecutableFile] O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO[Caution: ExecutableFile] O4 - HKLM\..\Run: [paywxengtj] C:\WINNT\system32\hzemdl[Caution: ExecutableFile] O4 - HKLM\..\Run: [fweradggs] C:\WINNT\system32\fweradggs[Caution: ExecutableFile] O4 - HKLM\..\Run: [ntTJm] C:\WINNT\mwuxpcd[Caution: ExecutableFile] O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect[Caution: ExecutableFile] O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK[Caution: ExecutableFile] O4 - HKLM\..\Run: [wrstip] C:\WINNT\wrstip[Caution: ExecutableFile] O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [ntTJmÃÆÃâÃâú*ÃÆÃâÃâáaÃÆÃâÃâîÃÆââ¬Â¦ÃâþrgÃÆÃâÃâÃ

Is it a free podcast?

After doing this scan; http://www.windowsecurity.com/trojanscan/ I am left with a list of files on my computer. Are these files after being deleted or is this scan just telling me what is wrong with my computer. there is red link under the list of files saying "To clean your computer and stay protected, click here to download a-squared Personal now!" Do I have to click this for it to delete the viruses it found and if so, is it free??

Thanks alot coltm4carbine, your canned speech was just fine although the panda link did not work. I'm running the windowsecurity trojan scan atm and have already run adaware, spybot and the trend micro one. After running all of these (except the Trojan scan one) windows task manager would still not open. The trend micro one found some things that it "could not access". Maybe thats the problem? Anyway I'll finish up the scan that's running right now then post a new HJT log and we will see. Thanks again. This advice has been very useful and I do appreciate you taking your time to put it together.

I will do all of those scans. My desktop looks ok but I have not been able to open the task manager and the computer has been kind of slow for the last day or two.

http://www.rsbandb.com/ Go here and click on signatures (thats what the picture and/or text is after people's post). You then go to your Profile on forum.tip.it. It's at the top right of the screen. In there somewhere you edit your signature. at rsbandb they give a long piece of text that you paste into where forum.tip.it asks for your signature. Someone will probably give you a better explanation if mine is not written so well :D