annoying pop up message in computer [RESOLVED], it says my comp has been infected by an unknown trojan, gives me a lin
shinakuma9
post Jan 3 2008, 06:46 PM
Post #1


Member
***
Posts: 118
OS: windows xp



hello,
so, as the topic says, i get this annoying windows error box that says my computer is infected by an unknown trojan, then it tells me to press ok to dl a program from their site
here's the HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:44:53 PM, on 1/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
D:\WINDOWS\system32\CTSvcCDA.exe
D:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Creative\ShareDLL\MediaDet.Exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\SpeedFan\speedfan.exe
D:\Program Files\Microsoft Office\Office10\WINWORD.EXE
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\PROGRA~1\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F3 - REG:win.ini: run=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: player addon - {E90BBB19-1B2E-42C0-8BFF-AFC6984247DD} - D:\WINDOWS\oggview32.dll
O4 - HKLM\..\Run: [AudioDeck] D:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Disc Detector] D:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Program Files\RivaTuner v2.06\RivaTuner.exe" /S
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1196211273410
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - D:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe

--
End of file - 5752 bytes
RatHat
post Jan 7 2008, 03:51 AM
Post #2


GeekU Mod
Posts: 5,814
From: Lake Mabprachan, Thailand
OS: XP SP2 ~ Vista Ultimate



Hi there,

Welcome to GeeksToGo. My name is RatHat, and I will help you get through the process of cleaning the malware from your computer.


OK firstly, I need you to print out each post I make so that you can refer to it while we fix your computer. This is because there will be times when you are unable to be online to read my instructions, and I will want you to do everything very carefully. I also need you to follow my instructions in the order that they are given. If however, you cannot carry out one of them, please continue on with the next and let me know what you were unsuccessful with.

Next, I would like to make sure that you can view hidden files and folders;
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading SELECT Show hidden files and folders.
  • UNCHECK the Hide protected operating system files (recommended) option.
  • UNCHECK the Hide extensions for known file types option.
  • Click Yes to confirm.
  • Click OK.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Download FixIEDef.zip by ShadowPuterDude to the Desktop.

Extract FixIEDef.zip to your Desktop, this will create a folder named FixIEDef on your Desktop.

Double-click on the FixIEDef folder.

Locate FixIEDef.bat and double-click on it.

IMPORTANT: FixIEDef will kill all copies of Internet Explorer and Explorer that are running. The icons and Start Menu on your Desktop will not be visible while FixIEDef is running. This is necessary to remove parts of the infection that would otherwise not be removed. FixIEDef will re-start Explorer at the end of the removal process.

NOTE: You will need to temporarily disable any programs you have running that will block attempts to edit the registry, as FixIEDef calls REGEDIT to delete registry keys added by Zlob, Trojan.Downloader.Delf, AntiSpyPro and IE Defender.

FixIEDef will now run.

You can safely close the Command Console after Explorer has restarted.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please run an online scan with Kaspersky WebScanner. Note: You must use Internet Explorer to run this scan.

Click the Accept button.

You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
      Extended (if available otherwise Standard)
    • Scan Options:
      Scan Archives
      Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
      Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display the results if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop as Kaspersky.txt.
  • Copy and paste that information in your next post.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please post me an Uninstall List from HijackThis:
  • Re-Open HijackThis, click Config, click Misc Tools
  • Click "Open Uninstall Manager"
  • Click "Save List" (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.



Regards,
RatHat
shinakuma9
post Jan 9 2008, 06:03 PM
Post #3


Member
***
Posts: 118
OS: windows xp



thank you for the response
i shall have results up shortly
shinakuma9
post Jan 12 2008, 08:11 PM
Post #4


Member
***
Posts: 118
OS: windows xp



ok, for some odd reason, Kaspersky web scanner does not run, my browser will just close after i press accept.
i could run the FixIEDef program just fine though.

other than that, here is the uninstall list with a new hijack this log.

2Moons
Adobe Flash Player ActiveX
Adobe Reader 8.1.1
Adobe Shockwave Player
AGEIA PhysX v7.09.13
All Recorder 1.4.2
Apple Software Update
ATI - Software Uninstall Utility
ATI Display Driver
Audio MP3 Sound Recorder
Audio Record Wizard v3.9b
Belkin 54g USB Network Adapter
Call of Duty® 4 - Modern Warfare™
Call of Duty® 4 - Modern Warfare™ 1.3 Patch
Call of Duty® 4 - Modern Warfare™ 1.4 Patch
Call of Duty® 4 - Modern Warfare™ Demo
Compatibility Pack for the 2007 Office system
Creative PCI Audio Drivers
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Driver Detective
DScaler 5 Mpeg Decoders
EVEREST Home Edition v2.20
Fraps
HijackThis 2.0.2
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Java™ 6 Update 3
Kaspersky Online Scanner
Microsoft .NET Framework 2.0
Microsoft DirectX Transform optional components
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Windows Journal Viewer
Mozilla Firefox (2.0.0.11)
MultiRes (remove only)
NCH Toolbox Uninstall
NVIDIA Drivers
NVIDIA nTune
Perfect Sound Recorder 6.6
Photo Resizer Pro v3.9
QuickTime
RivaTuner v2.06
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Sound Blaster AudioPCI Drivers Online Help
Sound Blaster PCI
SpeedFan (remove only)
Super Sound Recorder Pro 4.0.1
System Requirements Lab
Unreal Tournament 3 Demo
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Ventrilo Client
VIA Platform Device Manager
VIA Rhine-Family Fast Ethernet Adapter
WC3Banlist
WindowBlinds
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinPcap 3.1
WinRAR archiver
Xvid 1.1.3 final uninstall











Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:52 PM, on 1/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
D:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
D:\WINDOWS\system32\CTSvcCDA.exe
D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Creative\ShareDLL\MediaDet.Exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\WINDOWS\system32\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F3 - REG:win.ini: run=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AudioDeck] D:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Disc Detector] D:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Program Files\RivaTuner v2.06\RivaTuner.exe" /S
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1196211273410
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - D:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe

--
End of file - 5803 bytes






thanks
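Comparing the two HijackThis logs posted so far (Post #1 and Post #4) line by line shows what changed after FixIEDef ran. The script below is an added example, not part of the original posts: it parses HijackThis item lines, diffs the two logs, and lists entries whose target is reported as "(no file)". The sample text is a shortened excerpt of the logs above, and the function names are illustrative.

```python
import re
from collections import namedtuple

# One HijackThis item line, e.g. section "O2", detail "BHO: ... - <path>"
Entry = namedtuple("Entry", "section detail")

# Item lines start with a section code (R0, F3, O2, O16, O23 ...) then " - "
ITEM_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

# Shortened excerpt of the first log in this thread (Post #1)
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:44:53 PM, on 1/3/2008
Running processes:
D:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: player addon - {E90BBB19-1B2E-42C0-8BFF-AFC6984247DD} - D:\WINDOWS\oggview32.dll
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
"""

# Shortened excerpt of the second log in this thread (Post #4)
AFTER = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:52 PM, on 1/12/2008
Running processes:
D:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
"""


def parse_hjt(text):
    """Return the item lines of a HijackThis log as Entry tuples.

    The header, the running-process list and the footer do not match
    the section-code pattern and are skipped.
    """
    entries = []
    for line in text.splitlines():
        m = ITEM_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
    return entries


def diff_logs(before, after):
    """Return (removed, added): entries only in `before`, entries only in `after`."""
    b, a = set(parse_hjt(before)), set(parse_hjt(after))
    return sorted(b - a), sorted(a - b)


def orphaned(entries):
    """Entries whose registered file HijackThis could not find ('(no file)')."""
    return [e for e in entries if e.detail.endswith("(no file)")]


if __name__ == "__main__":
    removed, added = diff_logs(BEFORE, AFTER)
    for e in removed:
        print("gone since first log:", e.section, "-", e.detail)
    for e in added:
        print("new in second log:  ", e.section, "-", e.detail)
    for e in orphaned(parse_hjt(AFTER)):
        print("still orphaned:      ", e.section, "-", e.detail)
```

Run against the full logs, the same diff separates entries that a cleanup step removed from entries that a later step added, such as the ActiveX control registered by the online scanner.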
RatHat
post Jan 12 2008, 08:40 PM
Post #5


GeekU Mod
Posts: 5,814
From: Lake Mabprachan, Thailand
OS: XP SP2 ~ Vista Ultimate



Could you run a different online scanner for me and post the results:

Please go HERE to run Panda's TotalScan
  • Select the radio button for Full scan
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • Then the scan will begin
  • When the scan completes, click the Save button on the right of Scan details
  • Save it to a convenient location. Post the contents of the TotalScan report in your next reply



Regards,
RatHat
shinakuma9
post Jan 13 2008, 06:41 PM
Post #6


Member
***
Posts: 118
OS: windows xp



here are the results

;*******************************************************************************
ANALYSIS: 2008-01-13 19:40:35
PROTECTIONS: 0
MALWARE: 37
SUSPECTS: 0
;*******************************************************************************
PROTECTIONS
Description Version Active Updated
;===============================================================================
;===============================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Cookies\anuj@casalemedia[2].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.casalemedia.com/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Cookies\anuj@doubleclick[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Cookies\anuj@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.atdmt.com/]
00139535 Application/Processor HackTools No 0 Yes No D:\RECYCLER\S-1-5-21-790525478-813497703-1060284298-1003\Dd68.zip[FixIEDef/Process.exe]
00139535 Application/Processor HackTools No 0 Yes No D:\RECYCLER\S-1-5-21-790525478-813497703-1060284298-1003\Dd62\Process.exe
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.247realmedia.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.bfast.com/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.fastclick.net/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Application Data\Mozilla\Firefox\Profiles\mq3t9o75.default\cookies.txt[.tribalfusion.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No D:\Documents and Settings\anuj\Cookies\anuj@mediaplex[1].txt
00194066 Application/Pskill.E HackTools No 0 Yes No D:\WINDOWS\system32\pskill.exe
02889379 Adware/VideoDecoder Adware No 0 Yes No D:\RECYCLER\S-1-5-21-790525478-813497703-1060284298-1003\Dd41.exe
02889379 Adware/VideoDecoder Adware No 0 Yes No D:\RECYCLER\S-1-5-21-790525478-813497703-1060284298-1003\Dd40.exe
02889381 Adware/VideoDecoder Adware No 0 Yes No D:\Documents and Settings\anuj\Local Settings\Temp\G8-tmp.exe
;===============================================================================
SUSPECTS
Location
;===============================================================================
;===============================================================================



thanks
RatHat
post Jan 14 2008, 05:51 PM
Post #7


GeekU Mod
Posts: 5,814
From: Lake Mabprachan, Thailand
OS: XP SP2 ~ Vista Ultimate



Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
    Double-click ATF-Cleaner.exe to run the program.
    Under Main choose: Select All
    Click the Empty Selected button.
If you use Firefox browser
    Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
    Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Let's run an F-Secure online scan for Viruses, Spyware and RootKits:
  • Go to http://support.f-secure.com/enu/home/ols.shtml
  • Scroll to the bottom of the page and click the Start scanning button. A window will pop up.
  • Allow the ActiveX control to be installed on your computer, then click the Accept button
  • Click Full System Scan and allow the components to download and the scan to complete.
  • If malware is found, check Submit samples to F-Secure then select Automatic cleaning
  • When cleaning has finished, click Show report (this will open an Internet Explorer window containing the report)
  • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post

If Automatic cleaning with Submit samples hangs, click Cancel, then New Scan
  • When the cleaning option is presented, Uncheck Submit samples to F-Secure
  • Click Automatic cleaning
  • When cleaning has finished, click Show report (this will open an Internet Explorer window containing the report)
  • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post

Notes:
  • This scan will only work with Internet Explorer
  • You must have administrator rights to run this scan
  • This scan can take a while, so please be patient

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In your next post, please include the results of the F-Secure scan, and let me know how your computer is behaving.

Regards,
RatHat
shinakuma9
post Jan 14 2008, 08:17 PM
Post #8


Member
***
Posts: 118
OS: windows xp



hello again

here are the results


Scanning Report
Monday, January 14, 2008 19:44:50 - 21:14:51

Computer name: ANUJ-F69E9D9938
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\ D:\ E:\
Result: 1 malware found
W32/Malware.BFQC (virus)

* C:\PROGRAM FILES\C-MEDIA\WIN_ME\SETUP.EXE (Submitted)

Statistics
Scanned:

* Files: 45645
* System: 4480
* Not scanned: 2

Actions:

* Disinfected: 0
* Renamed: 0
* Deleted: 0
* None: 1
* Submitted: 1

Files not scanned:

* D:\HIBERFIL.SYS