this is my spydoctor log
Infection Name Location Risk
NewDotNet multiple High
WildTangent multiple Medium
NewDotNet lsass.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet svchost.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet Smc.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet spoolsv.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet explorer.exe (C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL) High
NewDotNet alg.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet hphmon05.exe (C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL) High
NewDotNet CCAPP.EXE (C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL) High
NewDotNet ViewMgr.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet gnotify.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet rundll32.exe (C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL) High
NewDotNet Weather.exe (C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL) High
NewDotNet dsidebar.exe (C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL) High
NewDotNet wmplayer.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet Netscp.exe (C:\Program Files\NewDotNet\newdotnet6_38.dll) High
NewDotNet C:\Program Files\NewDotNet\newdotnet6_38.dll High
IBIS Toolbar HKLM\software\microsoft\windows\currentversion\run##viewmgr Medium
IPInsight HKLM\software\classes\tldctl2.urllink High
IPInsight HKLM\software\classes\tldctl2.urllink\CLSID High
IPInsight HKLM\software\classes\tldctl2.urllink\CurVer High
IPInsight HKLM\software\classes\tldctl2.urllink.1 High
IPInsight HKLM\software\classes\tldctl2.urllink.1\CLSID High
NewDotNet HKCU\Software\New.net High
NewDotNet HKCR\Tldctl2.URLLink High
NewDotNet HKCR\Tldctl2.URLLink\CLSID High
NewDotNet HKCR\Tldctl2.URLLink\CurVer High
NewDotNet HKCR\Tldctl2.URLLink.1 High
NewDotNet HKCR\Tldctl2.URLLink.1\CLSID High
NewDotNet HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net High
NewDotNet HKLM\SOFTWARE\New.net High
NewDotNet HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run##New.net Startup High
Radlight HKLM\software\classes\tldctl2.urllink\clsid Medium
SaveNow HKLM\software\classes\tldctl2.urllink Medium
SaveNow HKLM\software\classes\tldctl2.urllink\CLSID Medium
SaveNow HKLM\software\classes\tldctl2.urllink\CurVer Medium
Trojan-Dloader-GR HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run##Parallel Tasking High
WildTangent HKCR\WildTangent.ActiveLauncher Medium
WildTangent HKCR\WildTangent.ActiveLauncher\CLSID Medium
WildTangent HKCR\WildTangent.ActiveLauncher\CurVer Medium
WildTangent HKCR\WildTangent.ActiveLauncher\Insertable Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1 Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1\CLSID Medium
WildTangent HKCR\WildTangent.ActiveLauncher.1\Insertable Medium
WildTangent HKCR\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63} Medium
WildTangent HKCR\interface\{05ef74a5-e109-11d2-a566-444553540000} Medium
WildTangent HKCR\interface\{05ef74a5-e109-11d2-a566-444553540000}\ProxyStubClsid Medium
WildTangent HKCR\interface\{05ef74a5-e109-11d2-a566-444553540000}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{05ef74a5-e109-11d2-a566-444553540000}\TypeLib Medium
WildTangent HKCR\interface\{0e7ae465-ee8d-11d2-a566-444553540000} Medium
WildTangent HKCR\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\ProxyStubClsid Medium
WildTangent HKCR\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\TypeLib Medium
WildTangent HKCR\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b} Medium
WildTangent HKCR\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b}\ProxyStubClsid Medium
WildTangent HKCR\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b}\TypeLib Medium
WildTangent HKCR\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44} Medium
WildTangent HKCR\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\ProxyStubClsid Medium
WildTangent HKCR\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\TypeLib Medium
WildTangent HKCR\interface\{16410859-886f-4579-bc1f-330a139d0f0f} Medium
WildTangent HKCR\interface\{16410859-886f-4579-bc1f-330a139d0f0f}\ProxyStubClsid Medium
WildTangent HKCR\interface\{16410859-886f-4579-bc1f-330a139d0f0f}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{16410859-886f-4579-bc1f-330a139d0f0f}\TypeLib Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14} Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\ProxyStubClsid Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\ProxyStubClsid32 Medium
WildTangent HKCR\Interface\{1DE680D4-84B7-4239-A887-9482A29DBE14}\TypeLib Medium
WildTangent HKCR\interface\{1fad572e-1a3d-44d9-9c23-a87f922da8c0} Medium
WildTangent HKCR\interface\{1fad572e-1a3d-44d9-9c23-a87f922da8c0}\ProxyStubClsid Medium
WildTangent HKCR\interface\{1fad572e-1a3d-44d9-9c23-a87f922da8c0}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{1fad572e-1a3d-44d9-9c23-a87f922da8c0}\TypeLib Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF} Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\ProxyStubClsid Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\ProxyStubClsid32 Medium
WildTangent HKCR\Interface\{25F53F41-0C37-40FA-AE9F-A260DB2D64CF}\TypeLib Medium
WildTangent HKCR\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08} Medium
WildTangent HKCR\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08}\ProxyStubClsid Medium
WildTangent HKCR\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08}\TypeLib Medium
WildTangent HKCR\interface\{399a8818-2000-436c-9a55-0016e5e3d227} Medium
WildTangent HKCR\interface\{399a8818-2000-436c-9a55-0016e5e3d227}\ProxyStubClsid Medium
WildTangent HKCR\interface\{399a8818-2000-436c-9a55-0016e5e3d227}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{399a8818-2000-436c-9a55-0016e5e3d227}\TypeLib Medium
WildTangent HKCR\interface\{52889e01-cb46-11d2-96bc-00104b242e64} Medium
WildTangent HKCR\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\ProxyStubClsid Medium
WildTangent HKCR\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\TypeLib Medium
WildTangent HKCR\interface\{5c49cbd2-8ed7-439b-8668-32149f84a235} Medium
WildTangent HKCR\interface\{5c49cbd2-8ed7-439b-8668-32149f84a235}\ProxyStubClsid Medium
WildTangent HKCR\interface\{5c49cbd2-8ed7-439b-8668-32149f84a235}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{5c49cbd2-8ed7-439b-8668-32149f84a235}\TypeLib Medium
WildTangent HKCR\interface\{6e6cf8e5-d795-11d2-a566-444553540000} Medium
WildTangent HKCR\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\ProxyStubClsid Medium
WildTangent HKCR\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\TypeLib Medium
WildTangent HKCR\interface\{79884200-3ade-11d3-ac39-00105a2057fa} Medium
WildTangent HKCR\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\ProxyStubClsid Medium
WildTangent HKCR\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\TypeLib Medium
WildTangent HKCR\interface\{810e95c2-f908-4e02-9b28-b92c3a778d0d} Medium
WildTangent HKCR\interface\{810e95c2-f908-4e02-9b28-b92c3a778d0d}\ProxyStubClsid Medium
WildTangent HKCR\interface\{810e95c2-f908-4e02-9b28-b92c3a778d0d}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{810e95c2-f908-4e02-9b28-b92c3a778d0d}\TypeLib Medium
WildTangent HKCR\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7} Medium
WildTangent HKCR\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7}\ProxyStubClsid Medium
WildTangent HKCR\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7}\TypeLib Medium
WildTangent HKCR\interface\{b57613b6-ef02-4d96-99c6-70c9a2014a14} Medium
WildTangent HKCR\interface\{b57613b6-ef02-4d96-99c6-70c9a2014a14}\ProxyStubClsid Medium
WildTangent HKCR\interface\{b57613b6-ef02-4d96-99c6-70c9a2014a14}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{b57613b6-ef02-4d96-99c6-70c9a2014a14}\TypeLib Medium
WildTangent HKCR\interface\{bdb9b021-caff-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{bdb9b022-caff-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{c1da7ab8-54fc-4971-9afb-1bcb9afc3aa2} Medium
WildTangent HKCR\interface\{c1da7ab8-54fc-4971-9afb-1bcb9afc3aa2}\ProxyStubClsid Medium
WildTangent HKCR\interface\{c1da7ab8-54fc-4971-9afb-1bcb9afc3aa2}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{c1da7ab8-54fc-4971-9afb-1bcb9afc3aa2}\TypeLib Medium
WildTangent HKCR\interface\{c3a156d4-503f-4779-a673-657308d94faf} Medium
WildTangent HKCR\interface\{c3a156d4-503f-4779-a673-657308d94faf}\ProxyStubClsid Medium
WildTangent HKCR\interface\{c3a156d4-503f-4779-a673-657308d94faf}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{c3a156d4-503f-4779-a673-657308d94faf}\TypeLib Medium
WildTangent HKCR\interface\{d72ac8e7-f41d-11d2-a566-444553540000} Medium
WildTangent HKCR\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\ProxyStubClsid Medium
WildTangent HKCR\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\TypeLib Medium
WildTangent HKCR\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30} Medium
WildTangent HKCR\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\ProxyStubClsid Medium
WildTangent HKCR\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\TypeLib Medium
WildTangent HKCR\interface\{ea6f254d-1a8c-4518-8fe0-e9b94fd134ed} Medium
WildTangent HKCR\interface\{ea6f254d-1a8c-4518-8fe0-e9b94fd134ed}\ProxyStubClsid Medium
WildTangent HKCR\interface\{ea6f254d-1a8c-4518-8fe0-e9b94fd134ed}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{ea6f254d-1a8c-4518-8fe0-e9b94fd134ed}\TypeLib Medium
WildTangent HKCR\interface\{ec914a5c-7c4b-4ac8-8c86-c10ff5c0d23d} Medium
WildTangent HKCR\interface\{ec914a5c-7c4b-4ac8-8c86-c10ff5c0d23d}\ProxyStubClsid Medium
WildTangent HKCR\interface\{ec914a5c-7c4b-4ac8-8c86-c10ff5c0d23d}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{ec914a5c-7c4b-4ac8-8c86-c10ff5c0d23d}\TypeLib Medium
WildTangent HKCR\interface\{f10493c1-d0b6-11d2-a566-444553540000} Medium
WildTangent HKCR\interface\{f10493c1-d0b6-11d2-a566-444553540000}\ProxyStubClsid Medium
WildTangent HKCR\interface\{f10493c1-d0b6-11d2-a566-444553540000}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{f10493c1-d0b6-11d2-a566-444553540000}\TypeLib Medium
WildTangent HKCR\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid Medium
WildTangent HKCR\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\TypeLib Medium
WildTangent HKCR\interface\{feca7cfa-1083-4073-a98a-cf3389fcaf6a} Medium
WildTangent HKCR\interface\{feca7cfa-1083-4073-a98a-cf3389fcaf6a}\ProxyStubClsid Medium
WildTangent HKCR\interface\{feca7cfa-1083-4073-a98a-cf3389fcaf6a}\ProxyStubClsid32 Medium
WildTangent HKCR\interface\{feca7cfa-1083-4073-a98a-cf3389fcaf6a}\TypeLib Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E} Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\0 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\0\win32 Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\FLAGS Medium
WildTangent HKCR\TypeLib\{4A165BD0-165F-474F-AF66-40CD5AC4613E}\1.0\HELPDIR Medium
WildTangent HKCR\typelib\{7946205b-fef7-494f-a64b-3e992a780866} Medium
WildTangent HKCR\typelib\{7946205b-fef7-494f-a64b-3e992a780866}\1.0 Medium
WildTangent HKCR\typelib\{7946205b-fef7-494f-a64b-3e992a780866}\1.0\0 Medium
WildTangent HKCR\typelib\{7946205b-fef7-494f-a64b-3e992a780866}\1.0\0\win32 Medium
WildTangent HKCR\typelib\{7946205b-fef7-494f-a64b-3e992a780866}\1.0\FLAGS Medium
WildTangent HKCR\typelib\{7946205b-fef7-494f-a64b-3e992a780866}\1.0\HELPDIR Medium
WildTangent HKCR\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3} Medium
WildTangent HKCR\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0 Medium
WildTangent HKCR\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\0 Medium
WildTangent HKCR\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\0\win32 Medium
WildTangent HKCR\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\FLAGS Medium
WildTangent HKCR\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\HELPDIR Medium
WildTangent HKCR\wt3d.wt Medium
WildTangent HKCR\wt3d.wt\CLSID Medium
WildTangent HKCR\wt3d.wt\CurVer Medium
WildTangent HKCR\wt3d.wt\Insertable Medium
WildTangent HKCR\wt3d.wt.1 Medium
WildTangent HKCR\wt3d.wt.1\CLSID Medium
WildTangent HKCR\wtvis.wtvisreceiver Medium
WildTangent HKCR\wtvis.wtvisreceiver\CLSID Medium
WildTangent HKCR\wtvis.wtvisreceiver\CurVer Medium
WildTangent HKCR\wtvis.wtvisreceiver.1 Medium
WildTangent HKCR\wtvis.wtvisreceiver.1\CLSID Medium
WildTangent HKCR\wtvis.wtvissender Medium
WildTangent HKCR\wtvis.wtvissender\CLSID Medium
WildTangent HKCR\wtvis.wtvissender\CurVer Medium
WildTangent HKCR\wtvis.wtvissender.1 Medium
WildTangent HKCR\wtvis.wtvissender.1\CLSID Medium
WildTangent HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls##wtControlPanel Medium
Tracking Cookie(s) milena
[email protected][1].txt Medium
Tracking Cookie(s) milena stopic@ezboard[1].txt Medium
Tracking Cookie(s) milena stopic@webfile[2].txt Medium
Tracking Cookie(s) milena stopic@insightfirst[2].txt Medium
Tracking Cookie(s) milena stopic@13372777[2].txt Medium
Tracking Cookie(s) milena stopic@indextools[1].txt Medium
Tracking Cookie(s) milena stopic@network[1].txt Medium
2nd-thought.com milena stopic@offeroptimizer[2].txt Medium
Tracking Cookie(s) milena
[email protected][1].txt Medium
Tracking Cookie(s) milena stopic@30724777[2].txt Medium
Tracking Cookie(s) milena
[email protected][1].txt Medium
Tracking Cookie(s) milena
[email protected][1].txt Medium
Specific911 Hijack milena stopic@mygeek[1].txt High
Tracking Cookie(s) milena
[email protected][2].txt Medium
Tracking Cookie(s) milena stopic@74613876[2].txt Medium
Tracking Cookie(s) milena
[email protected][1].txt Medium
Tracking Cookie(s) milena
[email protected][2].txt Medium
Tracking Cookie(s) milena stopic@yadro[2].txt Medium
Tracking Cookie(s) milena stopic@adriver[1].txt Medium
Tracking Cookie(s) milena stopic@theuseful[1].txt Medium
NewDotNet HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} High
NewDotNet HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32 High
NewDotNet HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\ProgID High
NewDotNet HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\Programmable High
NewDotNet HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\TypeLib High
NewDotNet HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\VersionIndependentProgID High
NewDotNet HKLM\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} High
NewDotNet HKLM\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32 High
NewDotNet HKLM\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\ProgID High
NewDotNet HKLM\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\Programmable High
NewDotNet HKLM\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\TypeLib High
NewDotNet HKLM\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\VersionIndependentProgID High
NewDotNet HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} High
NewDotNet HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\iexplore High
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D} Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Control Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\InprocServer32 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Insertable Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus\1 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ProgID Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Programmable Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ToolboxBitmap32 Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\TypeLib Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Version Medium
WildTangent HKCR\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\VersionIndependentProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D} Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Control Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\InprocServer32 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Insertable Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\MiscStatus\1 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Programmable Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\ToolboxBitmap32 Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\TypeLib Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\Version Medium
WildTangent HKLM\Software\Classes\CLSID\{3A7FE611-1994-4EF1-A09F-99456752289D}\VersionIndependentProgID Medium
WildTangent HKCR\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9} Medium
WildTangent HKCR\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9}\InprocServer32 Medium
WildTangent HKCR\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9}\ProgID Medium
WildTangent HKCR\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9}\TypeLib Medium
WildTangent HKCR\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9}\VersionIndependentProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9} Medium
WildTangent HKLM\Software\Classes\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9}\InprocServer32 Medium
WildTangent HKLM\Software\Classes\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9}\ProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9}\TypeLib Medium
WildTangent HKLM\Software\Classes\CLSID\{7F23E6E5-0E79-4AEE-B723-B1463805D5A9}\VersionIndependentProgID Medium
WildTangent HKCR\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63} Medium
WildTangent HKCR\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63}\InprocServer32 Medium
WildTangent HKLM\Software\Classes\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63} Medium
WildTangent HKLM\Software\Classes\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63}\InprocServer32 Medium
WildTangent HKCR\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5} Medium
WildTangent HKCR\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5}\InprocServer32 Medium
WildTangent HKCR\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5}\ProgID Medium
WildTangent HKCR\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5}\TypeLib Medium
WildTangent HKCR\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5}\VersionIndependentProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5} Medium
WildTangent HKLM\Software\Classes\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5}\InprocServer32 Medium
WildTangent HKLM\Software\Classes\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5}\ProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5}\TypeLib Medium
WildTangent HKLM\Software\Classes\CLSID\{B9BA256A-075B-49EA-B9E2-7DBC2EF021D5}\VersionIndependentProgID Medium
WildTangent HKCR\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63} Medium
WildTangent HKCR\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63}\InprocServer32 Medium
WildTangent HKLM\Software\Classes\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63} Medium
WildTangent HKLM\Software\Classes\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63}\InprocServer32 Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3} Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\Control Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\InprocServer32 Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\Insertable Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\MiscStatus Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\MiscStatus\1 Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\ProgID Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\Programmable Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\ToolboxBitmap32 Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\TypeLib Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\Version Medium
WildTangent HKCR\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\VersionIndependentProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3} Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\Control Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\InprocServer32 Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\Insertable Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\MiscStatus Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\MiscStatus\1 Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\ProgID Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\Programmable Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\ToolboxBitmap32 Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\TypeLib Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\Version Medium
WildTangent HKLM\Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\VersionIndependentProgID Medium
NewDotNet C:\Program Files\NewDotNet\readme.html High
NewDotNet C:\Program Files\NewDotNet\uninstall6_38.exe High
NewDotNet C:\WINDOWS\NDNuninstall6_38.exe High
WildTangent C:\WINDOWS\wt\data.wts Medium
WildTangent C:\WINDOWS\wt\WDInUsePlugin.dll Medium
WildTangent C:\WINDOWS\wt\wt3d.dll Medium
WildTangent C:\WINDOWS\wt\wt3d.ini Medium
WildTangent C:\WINDOWS\wt\wtvh.dll Medium
WildTangent C:\Program Files\Java\j2re1.4.1_02\bin\jDRM0302.dll Medium
WildTangent C:\Program Files\Java\j2re1.4.1_02\bin\wtdmmp.dll Medium
WildTangent C:\Program Files\Java\j2re1.4.1_02\bin\wtdmmpv.dll Medium
WildTangent C:\Program Files\Java\j2re1.4.1_02\lib\ext\wildtangent.jar Medium
WildTangent C:\Program Files\Java\j2re1.4.1_02\lib\ext\wtdmmpi.jar Medium
Password Detector C:\Program Files\Micro DVD Player\uninstall.exe High
nCASE C:\temp\kyf.dat Medium
and this is my hijack this log
Logfile of HijackThis v1.97.7
Scan saved at 9:49:57 PM, on 3/18/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.24.0\gnotify.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\PROGRA~1\Netscape\Netscape\Netscp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\adware programs\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://students.iit.edu/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.gmail.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapp...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://us8l.hpwis.comR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://search.qsrch.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.gmail.com"); (C:\Documents and Settings\Milena Stopic\Application Data\Mozilla\Profiles\default\tvlyuztk.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Milena Stopic\Application Data\Mozilla\Profiles\default\tvlyuztk.slt\prefs.js)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.24.0\gnotify.exe
O4 - HKLM\..\Run: [Parallel Tasking] C:\Program Files\Parallel Tasking\ptask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [BackupNotify] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Subscribe in Desktop Sidebar (HKLM)
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar (HKLM)
O9 - Extra button: Spyware Doctor (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://us8l.hpwis.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://download.yaho...nst_current.cabO16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akama...meInstaller.exeO16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -
http://download.mcaf...84/mcinsctl.cabO16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.r...ip/RdxIE601.cabO16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\Autodesk Architectural Desktop 3\AcDcToday.ocx
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) -
http://dm.screensave.../sinstaller.cabO16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\Autodesk Architectural Desktop 3\InstBanr.ocx
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -
http://us.dl1.yimg.c...utocomplete.cabO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcaf...,21/mcgdmgr.cabO16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\Autodesk Architectural Desktop 3\InstFred.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macr...ash/swflash.cabO16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} -
http://ax.phobos.app.../ITDetector.cabO16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\Autodesk Architectural Desktop 3\AcPreview.ocx
can someone tell me just how bad this is ? how do I get rid of the Trojan Downloader??? The Symantec description didn't work, because I did what they told me to do and I still have the virus...
Pls help!