Hi again!
Thanks SO MUCH!
No more Spyaxe. Unofrtunately, I still have adware and the right hand side of my browser is missing. Plus when I click on one of my favourites when
"The page you are looking for is blocked by the adware on your PC. Remove it with Spy Trooper software. CLICK HERE." scrolled along the top of a "The page cannot be displayed".
Oh well, the main problem is dealt with. Here are my 2 scan reports:
+ Created on: 16:42:32, 13/12/2005
+ Report-Checksum: 78A8CB52
+ Scan result:
HKLM\SOFTWARE\180solutions -> Spyware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\ASDPLUGIN -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\ASDPLUGIN\restore -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\ASDPLUGIN\restore\DefaultInternet -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\ASDPLUGIN\restore\EnableAutodial -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\ASDPLUGIN\restore\InternetProfile -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\ASDPLUGIN\restore\Start Page -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\Apuc.UrlCatcher -> Spyware.TinyBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Apuc.UrlCatcher\CLSID -> Spyware.TinyBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Apuc.UrlCatcher.1 -> Spyware.TinyBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{83DE62E0-5805-11D8-9B25-00E04C60FAF2} -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A} -> Spyware.VX2 : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564EA119} -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{A42C0EF4-1C76-43CC-989F-EADC7E4B755D} -> Spyware.VX2 : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED14177} -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{4EB7BBE8-2E15-424B-9DDB-2CDB9516A2A3} -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{690BCCB4-6B83-4203-AE77-038C116594EC} -> Spyware.VX2 : Cleaned with backup
HKLM\SOFTWARE\Classes\VX2.VX2Obj -> Spyware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\VX2.VX2Obj\CLSID -> Spyware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\VX2.VX2Obj\CurVer -> Spyware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\WinadX.Installer -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\WinadX.Installer\CLSID -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\WUSN.1 -> Spyware.SaveNow : Cleaned with backup
HKLM\SOFTWARE\eXactUtil -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ZepMon -> Spyware.BetterInternet : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng\Security -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Services\ISEXEng\Enum -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Services\ZESOFT -> Spyware.NaviSearch : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Services\ZESOFT\Security -> Spyware.NaviSearch : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Services\ZESOFT\Enum -> Spyware.NaviSearch : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\180solutions -> Spyware.180Solutions : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\LocalNRD -> Spyware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30CE93AE-4987-483C-9ABE-F2BD5301AB70} -> Spyware.KeenValue : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C559105-9ECF-42B8-B3F7-832E75EDD959} -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83DE62E0-5805-11D8-9B25-00E04C60FAF2} -> Spyware.BlazeFind : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4} -> Spyware.CnsMin : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} -> Spyware.BargainBuddy : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA} -> Spyware.BargainBuddy : Cleaned with backup
HKU\S-1-5-21-1694720459-3292285946-2165517387-1006\Software\Pynix -> Spyware.MediaMotor : Cleaned with backup
[1268] C:\WINDOWS\system32\DrPMon.dll -> Adware.BetterInternet : Cleaned with backup
[1408] C:\WINDOWS\system32\ioctrl.dll -> Adware.Spyaxe : Cleaned with backup
[1756] C:\WINDOWS\system32\srgyri.exe -> Trojan.Agent.cp : Cleaned with backup
C:\!KillBox\SpyAxe.exe -> Adware.Spyaxe : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\owner@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\owner@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\owner@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Default User\Cookies\owner@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Default User\Cookies\owner@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Default User\Cookies\owner@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@adopt.euroclick[2].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@counter2.hitslink[2].txt -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@media.fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Peter\Local Settings\Temporary Internet Files\Content.IE5\8ISTU4EF\WinFixer2005ScannerInstall[1].exe -> Not-A-Virus.Downloader.Agent.d : Cleaned with backup
C:\Documents and Settings\Peter\Local Settings\Temporary Internet Files\Content.IE5\OP8RSBCV\dbaccess[1].exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\Peter\My Documents\My Received Files\backups\backup-20051213-161724-359.dll -> Downloader.Zlob.co : Cleaned with backup
C:\Program Files\BTopenworld\btwebcontrol.dll -> Dialer.Generic : Cleaned with backup
C:\Program Files\BTopenworld ReInstall\btwebcontrol.dll -> Dialer.Generic : Cleaned with backup
C:\Program Files\BullsEye Network -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\BullsEye Network\bin -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\BullsEye Network\bin\bargains.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\BullsEye Network\ub.dat -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Montorgueil\beurette_ejac.avi\beurette_ejac.avi.exe -> Dialer.Generic : Cleaned with backup
C:\Program Files\SpyAxe\SpyAxe.exe -> Adware.Spyaxe : Cleaned with backup
C:\Program Files\Winad Client\ClientCom.dll -> Spyware.WinAD : Cleaned with backup
C:\WINDOWS\conscorr.exe -> Spyware.ConsCorr : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\dbaccess.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\Nail.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\preInsln.exe -> Spyware.BiSpy : Cleaned with backup
C:\WINDOWS\satmat.exe -> Downloader.Stubby.d : Cleaned with backup
C:\WINDOWS\system32\angelex.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\bbchk.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Cookies\owner@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Cookies\owner@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Cookies\owner@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\WINDOWS\system32\dbaccess.exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\system32\DrPMon.dll -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\system32\exdl.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\exdl0.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\exul.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\hpF4D.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\instsrv.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\ioctrl.dll -> Adware.Spyaxe : Cleaned with backup
C:\WINDOWS\system32\javexulm.vxd -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\mqexdlm.srg -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\msexreg.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/system32/exdl.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/system32/mqexdlm.srg -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/system32/exul.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/system32/javexulm.vxd -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/system32/bbchk.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/system32/msexreg.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\netut80ex.vxd/C:/WINDOWS/system32/instsrv.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\nvctrl.exe -> Downloader.Zlob.cs : Cleaned with backup
C:\WINDOWS\system32\polall1l.exe -> Downloader.Agent.ae : Cleaned with backup
C:\WINDOWS\system32\srgyri.exe -> Trojan.Pakes : Cleaned with backup
C:\WINDOWS\system32\trkgif.exe -> Spyware.Winpup32 : Cleaned with backup
C:\WINDOWS\UnstSA2.exe -> Dropper.Delf.z : Cleaned with backup
C:\WINDOWS\zeta.exe -> Spyware.BargainBuddy : Cleaned with backup
::Report End
2nd report:
+ Created on: 17:15:37, 13/12/2005
+ Report-Checksum: 8A14F610
+ Scan result:
[1268] C:\WINDOWS\system32\DrPMon.dll -> Adware.BetterInternet : Error during cleaning
[1408] C:\WINDOWS\system32\ioctrl.dll -> Adware.Spyaxe : Error during cleaning
[3696] C:\WINDOWS\system32\iuaalgp.exe -> Trojan.Agent.cp : Cleaned with backup
C:\!KillBox\nvctrl.exe -> Downloader.Zlob.cs : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Peter\Cookies\peter@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\WINDOWS\Nail.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\system32\hp1702.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp1BCA.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp1F3F.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp2385.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp6114.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp6952.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp697.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp717F.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp79CC.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hp820A.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hpED4.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\hpF4D.tmp -> Downloader.Zlob.co : Cleaned with backup
C:\WINDOWS\system32\iuaalgp.exe -> Trojan.Pakes : Cleaned with backup
C:\WINDOWS\system32\nvctrl.exe -> Downloader.Zlob.cs : Cleaned with backup
C:\WINDOWS\system32\__delete_on_reboot__DrPMon.dll -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\system32\__delete_on_reboot__ioctrl.dll -> Adware.Spyaxe : Cleaned with backup
::Report End
And my log:
Logfile of HijackThis v1.99.1
Scan saved at 18:00:58, on 13/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\fiwoqgh.exe
C:\Program Files\BT Broadband Basic Help\bin\mpbtn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\System Security Suite 1.04\sss.exe
C:\Documents and Settings\Peter\Desktop\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.co.uk/0SEENGB/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://news.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://home.rapidial.co.uk
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpFD.tmp
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [eltbrzl] C:\WINDOWS\system32\fiwoqgh.exe r
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband Basic Help\bin\matcli.exe
O8 - Extra context menu item: &Google Search -
res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links -
res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages -
res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English -
res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Web Rebates. -
file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.rapidial.co.uk
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} (webhelper Class) -
http://register.btinternet.com/template ... rol023.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Again, thanks a lot!
P.S. What (free) software should I dowload and install to prevent this from happening again?
Cheers!