Please let me know what I need to do next.
Thanks
Logfile of HijackThis v1.99.1
Scan saved at 6:57:00 PM, on 3/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Internet Content Filter\TheApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Plaxo\2.6.2.7\PlaxoHelper.exe
C:\WINNT\system32\basfipm.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
c:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\MOVIEL~1\MOVIEL~1\MOVIEL~1.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINNT\System32\WLTRYSVC.EXE
C:\WINNT\System32\bcmwltry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mark P. Carter\Local Settings\Temporary Internet Files\Content.IE5\QZA3ULMF\titan6shuk[1].exe
C:\DOCUME~1\MARKP~1.CAR\LOCALS~1\Temp\WZSE0.TMP\install.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\DOCUME~1\MARKP~1.CAR\LOCALS~1\Temp\WZSE0.TMP\SETUP.EXE
C:\DOCUME~1\MARKP~1.CAR\LOCALS~1\Temp\WZSE0.TMP\SETUP.EXE
C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\FIREWALL\PPFW.exe
C:\Documents and Settings\Mark P. Carter\Desktop\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....B_PVER}&ar=home
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [LoadMSvcmm] C:\WINNT\system32\msvcmm32.exe
O4 - HKLM\..\Run: [ICF] "C:\Program Files\Internet Content Filter\TheApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.6.2.7\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [Free DVD Direct] C:\Program Files\Free DVD Direct\Free DVD Direct\FreeDVDDirect.exe /hide
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'icf.dll' missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = med-web.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = med-web.com
O20 - Winlogon Notify: avldr - C:\WINNT\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.1 (BAsfIpM) - Broadcom Corp. - C:\WINNT\system32\basfipm.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Iap - Dell Computer Corporation - c:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Movielink Core Service - Movielink LLC - C:\PROGRA~1\MOVIEL~1\MOVIEL~1\MOVIEL~1.EXE
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\psimsvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINNT\System32\WLTRYSVC.EXE
Incident Status Location
Adware:adware/cws Not disinfected C:\Documents and Settings\Mark P. Carter\Favorites\Technology
Adware:adware/spyfalcon Not disinfected Windows Registry
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@belnk[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@ccbill[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@go[2].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@rn11[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@toplist[1].txt
Spyware:Cookie/Spyfalcon Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p[13].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p[21].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@belnk[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@ccbill[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@go[2].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@rn11[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@toplist[1].txt
Spyware:Cookie/Spyfalcon Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p[13].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Mark P. Carter\Cookies\mark p[21].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Mark P. Carter\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Mark P. Carter\Desktop\smitRem.exe[Process.exe]
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 6:08:27 PM, 3/8/2006
+ Report-Checksum: DA203C4E
+ Scan result:
HKU\S-1-5-21-1520780970-885471098-231371515-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Cleaned with backup
[1264] C:\WINNT\system32\ginuerep.dll -> Not-A-Virus.Hoax.Win32.Renos.bs : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. carter@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Belstat : Cleaned with backup
C:\Documents and Settings\Mark P. Carter\Cookies\mark p. [email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\WINNT\SYSTEM32\ginuerep.dll -> Not-A-Virus.Hoax.Win32.Renos.bs : Cleaned with backup
::Report End