Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

having problems doing my HijackThis log.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

having problems doing my HijackThis log.

Unread postby batesy » June 5th, 2006, 9:39 am

Hi, im new to all this, my norton antivirus run out a couple of weeks ago, and stupidly i didnt renew! So last night i found a free one on the internet (AVG). i downloaded it, and did a scan of my PC, The last i looked before going to bed it was at 8 trojan horses! when i checked this morning it had cleared all but 3 of them. So i found a trojan horse remover off the net, and run that, it says they are all gone. I could do with doing a hijackthis log, and have you experts look over it for me, as im sure theres lots that shouldnt be there, and obiously i have something somewhere which is allowing these viruses in.

So i found the part where it helps you with the log, i click on 'save'. then 'start', 'my documents', 'desktop', clicked on the 'hijack' icon, then 'run' .

Thats as far as i get becuase a box appears- 'winzip self extractor-hijackthis_sfx.exe.

Now im not at all clued up on this, so any help would be totally appreciated. thanks stef.
batesy
Regular Member
 
Posts: 17
Joined: June 5th, 2006, 6:29 am
Location: north east
Advertisement
Register to Remove

Unread postby 'KotaGuy » June 5th, 2006, 12:44 pm

That is a Self Extracting file. Extract the file to a folder on your Desktop. Then open that folder. HijackThis.exe should be inside it. Double click it to run it and click the Do a System Scan and save a Logfile button... notepad will open after a few moments.

Copy/paste the log as a reply to this thread.
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Unread postby batesy » June 5th, 2006, 1:41 pm

Thanks for your help , here it is....


Logfile of HijackThis v1.99.1
Scan saved at 18:40:12, on 05/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Browser MOUSE\mouse32a.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Samsung\Digimax Viewer 1.0\DigimaxViewer.exe
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\Program Files\eBay\eBay Toolbar\4.4.0.2\ebaytbar.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\INCRED~1\bin\ImNotfy.exe
C:\Documents and Settings\stephanie bate\My Documents\My Albums\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bounty.com/Community/Discuss ... btySubID=1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided by blueyonder
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: eBay Helper Object - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.0002.1001\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\en-gb\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\en-gb\msntb.dll
O3 - Toolbar: eBay Toolbar - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Need2Find Bar - {4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [madeSafe Shield] C:\Program Files\solarSoft\madeSafe\smsh1.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe
O4 - HKLM\..\Run: [xmlvb] C:\WINDOWS\inf\xmlvb.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-gb\msnappau.exe"
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [*urls] C:\WINDOWS\inf\urls.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Ã
batesy
Regular Member
 
Posts: 17
Joined: June 5th, 2006, 6:29 am
Location: north east

Unread postby 'KotaGuy » June 5th, 2006, 1:58 pm

Run HijackThis... click the Misc Tools button... click the Uninstall Manager button... then the Save List button and save the file to your Desktop.

Copy/paste that list into you next reply please.
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Unread postby batesy » June 5th, 2006, 2:15 pm

ABBYY FineReader 4.0 Sprint
Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0.7
AI RoboForm (All Users)
AOL UK
Avance AC'97 Audio
AVG Free Edition
blueyonder Instant Support Tool
Browser MOUSE
CC_ccStart
ccCommon
Clickable Card
Commandos, Beyond the Call of Duty
CompuServe 2000 Version 6
Conexant SoftK56 Modem(M)
Crush'Em 2.0
CueClub_Setup_032403
Digimax Viewer 1.0
EA SPORTS online 2004
eBay Toolbar
EPSON Attach To Email
EPSON Easy Photo Print
EPSON File Manager
EPSON PhotoQuicker3.4
EPSON Print CD
EPSON Printer Software
EPSON Scan Assistant
EPSON Web-To-Page
ESPR220 User's Guide
FloorPlan 3D v6
Focus Multimedia's Create Your Own Business Cards
Google Earth
Google Toolbar for Internet Explorer
HijackThis 1.99.1
IL-2 Sturmovik
ImageMixer VCD2
IncrediMail Xe
InstaFinderK
InterActual Player
J2SE Runtime Environment 5.0 Update 3
Jessops Print@Net v1.1.0.49
JJI-Joist Software
Klick Photopoint Online Print Wizard
KODAK EASYSHARE Gallery Upload ActiveX Control
Largo
LimeWire 4.10.0
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Macromedia Flash Player
Macromedia Flash Player 8
Macromedia Shockwave Player
MGI PhotoSuite III SE (Remove Only)
Microsoft AntiSpyware
Microsoft Data Access Components KB870669
Microsoft Money
Microsoft Money System Pack
Microsoft Works 7.0
MSN Messenger 7.5
MSN Toolbar
MSRedist
Multimedia Keyboard Driver Ver1.0 (KB-0108)
Need2Find Bar
Norton AntiVirus 2004
Norton AntiVirus 2004 (Symantec Corporation)
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton WMI Update
NVIDIA Windows 2000/XP Display Drivers
Packard Bell Diamond 1200Plus v1.0
Picture Package
PIF DESIGNER
PowerDVD
Puzzl'Em 1.0 Beta2
QuickTime
RealPlayer
ScanToWeb
Search Relevancy
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Shockwave
SMP3 Tools v1.5a
Sony USB Driver
Space Invaders
Supercross Kings
Symantec Script Blocking Installer
SymNet
Tactical Manager 3
Tennis Antics
Tomb Raider III
Turbo Lister
TurboCAD Designer v7
TurboCAD v7 Audio Visual Training
TurboProject Express v.4
Ulead Photo Express 3.0 SE
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
USB Video/Audio Device Driver
Viewpoint Media Player (Remove Only)
Windows Backup Utility
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
Yahoo! Anti-Spy
Yahoo! Install Manager
Yahoo! Toolbar
ZoneAlarm
batesy
Regular Member
 
Posts: 17
Joined: June 5th, 2006, 6:29 am
Location: north east

Unread postby 'KotaGuy » June 5th, 2006, 3:08 pm

I noticed you are running both Norton AV and AVG... this isn't a good idea as having two active AV programs can cause conflicts. We will address that later though.

Print these instructions out for reference during the fix as for part of it you won't be able to access the internet.

I'm going to give a bit to do so go through the instructions slowly. If at any point you don't understand something or run into any problems... please post back with your questions.

Download and install Ewido Anti-Malware. When installing don't enable the Ewido Guard(its Real Time Protection)Update the program. Don't scan with it yet.

Download and install CCleaner. You don't need to install the Yahoo! Toolbar. Don't run the program yet.

OK... Click Start>Run type in appwiz.cpl and hit Enter. From the list uninstall:

InstaFinderK
J2SE Runtime Environment 5.0 Update 3
Need2Find Bar
Search Relevancy
Viewpoint Media Player


Go here and download and install JRE 5.0 Update 7. Click the link that says Download JRE 5.0 Update 7. You will then need to select Accept License Agreement and click the Continue button that is beside it. Then click the link that says Windows Offline Installation, Multi-language. Save it to your Desktop. Then go back to your Desktop and double click jre-1_5_0_07-windows-i586-p.exe to start the install.

Disable Microsoft Anti-Spyware's Real Time Protection as it may interfere with the fix.
  • Right-click on the Microsoft Anti-Spyware icon in the system tray [it's the one with the red and yellow bulls-eye].
  • Click on "Security Agents Status".
  • Click on "Disable real-time protection".

Next right-click on the Microsoft Anti-Spyware icon in the system tray again to open Microsoft Anti-Spyware.
  • Click on the Options menu and choose Settings.
  • In the left pane column click on "Real Time Protection".
  • Under Startup Options, uncheck "Enable (MSAS) Security Agents on startup (recommended)"
  • Under Real-time spyware threat protection, uncheck and "Enable real-time spyware threat protection" (recommended).
  • Click the Save button and close Microsoft AntiSpyware.
  • Finally, right-click on the MSAS icon in the system tray and select "Shutdown Microsoft Antispyware".

You can re-enable it after your log is clean.

Run and scan with HijackThis. With all broswers and windows closed, place checks beside the following and fix:

[b][color=#990000]O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file)
O3 - Toolbar: Need2Find Bar - {4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe
O4 - HKLM\..\Run: [xmlvb] C:\WINDOWS\inf\xmlvb.exe
O4 - HKLM\..\Run: [*urls] C:\WINDOWS\inf\urls.exe
O4 - HKLM\..\Run: [Ã
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Unread postby batesy » June 5th, 2006, 5:24 pm

hi, i have a problem, i cant find the microsoft anti spyware icon, in the system tray. Any ideas how i would find it?
batesy
Regular Member
 
Posts: 17
Joined: June 5th, 2006, 6:29 am
Location: north east

Unread postby 'KotaGuy » June 5th, 2006, 5:35 pm

If you can't find it in the System tray... just open it through Start>All Programs and turn it off from within the program itself :)
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Unread postby batesy » June 5th, 2006, 5:38 pm

I tried that, but it says this version expired on 31 dec 05, then to click ok, or click on the link to download an updated version.
batesy
Regular Member
 
Posts: 17
Joined: June 5th, 2006, 6:29 am
Location: north east

Unread postby 'KotaGuy » June 5th, 2006, 5:49 pm

OK... you will need to uninstall that one then through Add/Remove programs and Download the new one(Windows Defender).

So click Start>Run type in appwiz.cpl and hit Enter. From the list uninstall:

Microsoft AntiSpyware

You can download the new version from here:

http://www.microsoft.com/athome/securit ... fault.mspx

Once you have it installed... diable the Real Time Protection by doing the following...
  • Open Windows Defender
  • Click Tools
  • Scroll down to Real Time Protection Options
  • Uncheck Turn on Real Time Protection (recommended)
  • Close Windows Defender

Once your log is clean you can re-enable Windows Defender Real Time Protection.

Then proceed with the rest of the instructions.
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Unread postby batesy » June 6th, 2006, 3:26 am

Hi, i did all that you asked.

I hope i did the right thing, but when i did the ewido scan, at the end of the scan a warning box appeared 'could not delete as ebedded, do you want to delete the archive', or words to that effect.


ok, here is the ewido scan-

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 07:39:35, 06/06/2006
+ Report-Checksum: A1D978E5

+ Scan result:

HKLM\SOFTWARE\180solutions -> Adware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\AutoLoader -> Adware.Apropos : Cleaned with backup
HKLM\SOFTWARE\Brilliant Digital Entertainment -> Adware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Brilliant Digital Entertainment\BDEInstaller -> Adware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Classes\ACTIVEXDOWNLOAD.ActiveXDownloadCtrl.1 -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\installman.EXE -> Adware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup
HKLM\SOFTWARE\Classes\SearchRelevancy\CLSID -> Adware.SearchRelevancy : Cleaned with backup
HKLM\SOFTWARE\IntexusDial -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\nCASE -> Adware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38653 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38653\Objects -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38653\Objects\5 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38654 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38654\Objects -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38654\Objects\5 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38655 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Stat -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup
C:\Documents and Settings\micky\Application Data\Adverts\uninst.exe -> Adware.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@66.220.17[2].txt -> TrackingCookie.66.220.17.154 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@adviva[2].txt -> TrackingCookie.Adviva : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@bfast[2].txt -> TrackingCookie.Bfast : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@c10018.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@c29313.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@c29912.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@casinodelrio[1].txt -> TrackingCookie.Casinodelrio : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@counter2.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@d12273.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@d3327.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkicidjolo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkioodjwfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkockcpohp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkooic5ckp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkowkd5ilq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfliuiajgbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wflougcjeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfmikmazsfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfmismdzefp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfmycpdjokq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfmyojcjoko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wgkyamdpihq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wgkyghdzofo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjk4wlazekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjkokhajskp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjkoqhajabp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjlosidpico.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjlyukczmao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjmyoodzilo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e31812.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-autotrader.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-bbc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-bskyb.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-classified.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-communityconnect.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-fifa.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-hasbro.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-hitent.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-littlewoods.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-logantod.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-reebok.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@f10856.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@fhm.valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@g14350.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@g15693.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@h.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@i22136.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@i4942.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@j25981.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@k14582.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@k9439.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@lop[2].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@m1895.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@n11423.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@n7288.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@phg.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@r24079.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@r8313.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@revenue[3].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@spylog[1].txt -> TrackingCookie.Spylog : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@stat.onestat[1].txt -> TrackingCookie.Onestat : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@t32167.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@try.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@u17869.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@web4.realtracker[2].txt -> TrackingCookie.Realtracker : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@wrigley.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@www.casinodelrio[2].txt -> TrackingCookie.Casinodelrio : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Downloads\FridayDartsSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\783A8D59-2AFA-4096-A6D9-789C88\399041C1-BF72-408D-AD55-BB4B36 -> Adware.RXBar : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\783A8D59-2AFA-4096-A6D9-789C88\A69A5587-73AE-434D-9E29-6C3F75 -> Adware.RXBar : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\01FC8518-3062-40AA-83BB-3F4F67 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\249E8364-71A3-4177-AB5D-E22A35/Points Manager.exe -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\2647220C-EA12-48BE-89ED-EEED9A -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\29AF6966-8EFD-4E0A-AE6B-5032D4 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\474203F6-99F3-4215-B1D2-9179A7/sysdetect.dll -> Adware.BrilliantDigital : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\7F959830-ED37-4498-B87A-965874 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\816EF74C-3C6E-4007-B09B-86D0A5 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\912B7B6B-B920-4BD4-8795-9D2490 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\A566C031-1B05-449D-9953-F1FFB4/AltnetUninstall.exe -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\AF9418BF-4DC0-46F8-B18E-12871F -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\B3141615-C690-40D1-8C04-CF3B10 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\C54A5CF2-40C8-4A9C-B0D4-010B24 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\D36E8889-3BDF-4ED3-B0ED-1C6795 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\E172A294-0DEC-4C81-AD88-7F02DE -> Adware.BrilliantDigital : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\E31960FF-AD46-4046-8E0E-AD9F46 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\E6B79C44-D2F5-4BD5-AD84-63C32B -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\E75AEE25-4430-4E4C-830D-257A54 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\EF948ED4-A71D-4D0F-9B3E-698DE5 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\F34427FE-35D5-40AB-89C8-BB722D -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\F7CBC6D2-67A9-49A4-900D-8E7066 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\FAA620D6-0583-40C6-A90F-6C89E7 -> Adware.Altnet : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\imloader.exe -> Not-A-Virus.Downloader.Win32.ImLoader.b : Cleaned with backup


and here is my HJT log-

Logfile of HijackThis v1.99.1
Scan saved at 08:24:03, on 06/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Browser MOUSE\mouse32a.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Samsung\Digimax Viewer 1.0\DigimaxViewer.exe
C:\Program Files\eBay\eBay Toolbar\4.4.0.2\ebaytbar.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
C:\Documents and Settings\stephanie bate\My Documents\My Albums\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bounty.com/Community/Discuss ... btySubID=1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided by blueyonder
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: eBay Helper Object - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.0002.1001\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\en-gb\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\en-gb\msntb.dll
O3 - Toolbar: eBay Toolbar - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [madeSafe Shield] C:\Program Files\solarSoft\madeSafe\smsh1.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-gb\msnappau.exe"
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB003" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /M "Stylus C44"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\matcli.exe
O4 - Global Startup: Digimax Viewer 1.0.lnk = ?
O4 - Global Startup: eBay Toolbar.LNK = C:\Program Files\eBay\eBay Toolbar\4.4.0.2\ebaytbar.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: eBay Toolbar - {92D7F210-7F20-11d3-8157-0090278B20DE} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O9 - Extra 'Tools' menuitem: eBay Toolbar - {92D7F210-7F20-11d3-8157-0090278B20DE} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.virgin.net/
O16 - DPF: ChatSpace Java Client 2.1.0.95L - http://217.158.162.60:8001/Java/cs4msl095.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/UK/install.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5303909406
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.co.uk/downloads ... ofupld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... Client.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Ba ... b31267.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv ... ttinst.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {C9147000-17E4-41E8-9089-A2A67DBCA22D} (IEUpdateOSR2 Control with Key) - https://client.virgin.net/assets/update.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader2.ocx
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EP ... -0-3-0.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.compani ... _1_6_0.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/se ... loader.cab
O16 - DPF: {F04F4F32-6457-401A-8169-D2773DDFF930} - http://us.dl1.yimg.com/download.yahoo.c ... r1_1uk.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... owdown.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe


Hopefully ive done everything i was asked.
batesy
Regular Member
 
Posts: 17
Joined: June 5th, 2006, 6:29 am
Location: north east

Unread postby batesy » June 6th, 2006, 3:27 am

Hi, i did all that you asked.

I hope i did the right thing, but when i did the ewido scan, at the end of the scan a warning box appeared 'could not delete as ebedded, do you want to delete the archive', or words to that effect.


ok, here is the ewido scan-

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 07:39:35, 06/06/2006
+ Report-Checksum: A1D978E5

+ Scan result:

HKLM\SOFTWARE\180solutions -> Adware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\AutoLoader -> Adware.Apropos : Cleaned with backup
HKLM\SOFTWARE\Brilliant Digital Entertainment -> Adware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Brilliant Digital Entertainment\BDEInstaller -> Adware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Classes\ACTIVEXDOWNLOAD.ActiveXDownloadCtrl.1 -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\installman.EXE -> Adware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup
HKLM\SOFTWARE\Classes\SearchRelevancy\CLSID -> Adware.SearchRelevancy : Cleaned with backup
HKLM\SOFTWARE\IntexusDial -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\nCASE -> Adware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38653 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38653\Objects -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38653\Objects\5 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38654 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38654\Objects -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38654\Objects\5 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Reports\38655 -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\INSTAFINK\Stat -> Adware.InstaFinder : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-4174961340-2700246674-3993742346-1005\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup
C:\Documents and Settings\micky\Application Data\Adverts\uninst.exe -> Adware.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@66.220.17[2].txt -> TrackingCookie.66.220.17.154 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ads.realcastmedia[1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@adviva[2].txt -> TrackingCookie.Adviva : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@bfast[2].txt -> TrackingCookie.Bfast : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@c10018.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@c29313.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@c29912.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@casinodelrio[1].txt -> TrackingCookie.Casinodelrio : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@counter2.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@d12273.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@d3327.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkicidjolo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkioodjwfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkockcpohp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkooic5ckp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfkowkd5ilq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfliuiajgbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wflougcjeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfmikmazsfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfmismdzefp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfmycpdjokq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wfmyojcjoko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wgkyamdpihq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wgkyghdzofo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjk4wlazekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjkokhajskp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjkoqhajabp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjlosidpico.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjlyukczmao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e-2dj6wjmyoodzilo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@e31812.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-autotrader.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-bbc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-bskyb.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-classified.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-communityconnect.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-fifa.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-hasbro.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-hitent.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-littlewoods.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-logantod.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-reebok.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@f10856.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@fhm.valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@g14350.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@g15693.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@h.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@i22136.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@i4942.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@j25981.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@k14582.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@k9439.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@lop[2].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@m1895.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@n11423.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@n7288.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@phg.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@r24079.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@r8313.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@revenue[3].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@spylog[1].txt -> TrackingCookie.Spylog : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@stat.onestat[1].txt -> TrackingCookie.Onestat : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@t32167.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@try.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@u17869.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@web4.realtracker[2].txt -> TrackingCookie.Realtracker : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@wrigley.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@www.casinodelrio[2].txt -> TrackingCookie.Casinodelrio : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\micky\Cookies\micky@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Downloads\FridayDartsSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\783A8D59-2AFA-4096-A6D9-789C88\399041C1-BF72-408D-AD55-BB4B36 -> Adware.RXBar : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\783A8D59-2AFA-4096-A6D9-789C88\A69A5587-73AE-434D-9E29-6C3F75 -> Adware.RXBar : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\01FC8518-3062-40AA-83BB-3F4F67 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\249E8364-71A3-4177-AB5D-E22A35/Points Manager.exe -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\2647220C-EA12-48BE-89ED-EEED9A -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\29AF6966-8EFD-4E0A-AE6B-5032D4 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\474203F6-99F3-4215-B1D2-9179A7/sysdetect.dll -> Adware.BrilliantDigital : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\7F959830-ED37-4498-B87A-965874 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\816EF74C-3C6E-4007-B09B-86D0A5 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\912B7B6B-B920-4BD4-8795-9D2490 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\A566C031-1B05-449D-9953-F1FFB4/AltnetUninstall.exe -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\AF9418BF-4DC0-46F8-B18E-12871F -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\B3141615-C690-40D1-8C04-CF3B10 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\C54A5CF2-40C8-4A9C-B0D4-010B24 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\D36E8889-3BDF-4ED3-B0ED-1C6795 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\E172A294-0DEC-4C81-AD88-7F02DE -> Adware.BrilliantDigital : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\E31960FF-AD46-4046-8E0E-AD9F46 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\E6B79C44-D2F5-4BD5-AD84-63C32B -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\E75AEE25-4430-4E4C-830D-257A54 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\EF948ED4-A71D-4D0F-9B3E-698DE5 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\F34427FE-35D5-40AB-89C8-BB722D -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\F7CBC6D2-67A9-49A4-900D-8E7066 -> Adware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DA768ADF-21FB-4BC4-9D63-1FF134\FAA620D6-0583-40C6-A90F-6C89E7 -> Adware.Altnet : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\imloader.exe -> Not-A-Virus.Downloader.Win32.ImLoader.b : Cleaned with backup


and here is my HJT log-

Logfile of HijackThis v1.99.1
Scan saved at 08:24:03, on 06/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Browser MOUSE\mouse32a.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Samsung\Digimax Viewer 1.0\DigimaxViewer.exe
C:\Program Files\eBay\eBay Toolbar\4.4.0.2\ebaytbar.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
C:\Documents and Settings\stephanie bate\My Documents\My Albums\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bounty.com/Community/Discuss ... btySubID=1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided by blueyonder
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: eBay Helper Object - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.0002.1001\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\en-gb\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\en-gb\msntb.dll
O3 - Toolbar: eBay Toolbar - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [madeSafe Shield] C:\Program Files\solarSoft\madeSafe\smsh1.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-gb\msnappau.exe"
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIE.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB003" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /M "Stylus C44"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\matcli.exe
O4 - Global Startup: Digimax Viewer 1.0.lnk = ?
O4 - Global Startup: eBay Toolbar.LNK = C:\Program Files\eBay\eBay Toolbar\4.4.0.2\ebaytbar.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: eBay Toolbar - {92D7F210-7F20-11d3-8157-0090278B20DE} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O9 - Extra 'Tools' menuitem: eBay Toolbar - {92D7F210-7F20-11d3-8157-0090278B20DE} - C:\Program Files\eBay\eBay Toolbar\4.4.0.2\eBayBand.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.virgin.net/
O16 - DPF: ChatSpace Java Client 2.1.0.95L - http://217.158.162.60:8001/Java/cs4msl095.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/UK/install.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5303909406
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.co.uk/downloads ... ofupld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... Client.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Ba ... b31267.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv ... ttinst.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {C9147000-17E4-41E8-9089-A2A67DBCA22D} (IEUpdateOSR2 Control with Key) - https://client.virgin.net/assets/update.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader2.ocx
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EP ... -0-3-0.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.compani ... _1_6_0.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/se ... loader.cab
O16 - DPF: {F04F4F32-6457-401A-8169-D2773DDFF930} - http://us.dl1.yimg.com/download.yahoo.c ... r1_1uk.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... owdown.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe


Hopefully ive done everything i was asked.
batesy
Regular Member
 
Posts: 17
Joined: June 5th, 2006, 6:29 am
Location: north east

Unread postby 'KotaGuy » June 6th, 2006, 11:48 am

Looks good... your log is clean!

I hope i did the right thing, but when i did the ewido scan, at the end of the scan a warning box appeared 'could not delete as ebedded, do you want to delete the archive', or words to that effect.


I don't see any errors in the Ewido log... did you delete that archive?
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Unread postby batesy » June 6th, 2006, 12:00 pm

Yes i clicked on delete, there was 3 altogether. Thought it best to delete, id rather lose some info than have anything infectious.


So will i have to uninstall Norton antivirus, now that i have AVG?

Also, i dont want to get any more trojans, what will i need to bear in mind. My son downloads a lot of music off Limewire, can that have anything to do with it?
batesy
Regular Member
 
Posts: 17
Joined: June 5th, 2006, 6:29 am
Location: north east

Unread postby 'KotaGuy » June 6th, 2006, 12:17 pm

Could very easily be your son's downloading from Limewire that is causing the infections. The Limewire network has recently been inundated with malware. Gotta be extremely careful with what is downloaded from any P2P network... lots of nasties floating around in them.

In regards to Norton... personally... I don't like thier products and don't use them myself. I find Norton's products to be bloated, badly coded, and huge resource hogs... but as you've probably paid for it... I don't want to tell you to uninstall it. That choice is up to you.

I use AVG along with Ewido on my machines.
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 34 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware