http://www.geekstogo...?showtopic=2852
before posting as instructed. Here are the log from those scans.
Logfile of HijackThis v1.99.1
Scan saved at 8:00:19 PM, on 4/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\David Douglas\My Documents\New Folder\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by SBC Yahoo! DSL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1806238990754
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symant...ex/symdlmgr.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/s...nfo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 5:39:34 PM 4/3/2007
+ Scan result:
C:\Program Files\WinMsg\SB6I.EXE -> Adware.ErrorSafe : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69} -> Logger.Sters : Cleaned with backup (quarantined).
HKU\S-1-5-21-1123561945-1078145449-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69} -> Logger.Sters : Cleaned with backup (quarantined).
:mozilla.252:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.301:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.62:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.63:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.70:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.31:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Abcsearch : Cleaned.
:mozilla.108:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.109:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.141:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.142:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.143:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.65:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.66:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.67:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.69:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.168:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.215:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.216:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.306:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.167:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.52:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.335:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.324:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned.
:mozilla.345:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.346:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.353:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.117:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.259:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.260:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.89:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.17:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.18:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.340:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.341:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.82:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.55:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.57:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.58:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.64:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.381:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.382:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.297:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.32:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.33:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.34:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.35:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.36:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.87:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.88:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.316:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.317:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.320:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.321:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.180:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.181:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.182:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.183:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.184:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.185:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.370:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.371:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.372:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.373:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.194:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.140:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.285:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.92:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.107:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.110:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.111:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.112:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.113:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.114:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.115:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.116:C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\dsrss.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\preredir.exe -> Trojan.Small : Cleaned with backup (quarantined).
::Report end
SUPERAntiSpyware Scan Log
Generated 04/03/2007 at 07:36 PM
Application Version : 3.6.1000
Core Rules Database Version : 3212
Trace Rules Database Version: 1222
Scan type : Complete Scan
Total Scan Time : 00:54:00
Memory items scanned : 366
Memory threats detected : 1
Registry items scanned : 4001
Registry threats detected : 9
File items scanned : 26272
File threats detected : 62
Trojan.Downloader-StrangeBru
C:\PROGRAM FILES\WINMSG\UINST.EXE
C:\PROGRAM FILES\WINMSG\UINST.EXE
[StUnInst] C:\PROGRAM FILES\WINMSG\UINST.EXE
C:\PROGRAM FILES\WINMSG\SYSMONMS.EXE
Trojan.Downloader-Heltrans
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{890C7964-9320-4055-BE11-7D7B562A6417}
Trojan.BankSteal-Gen
HKCR\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}
HKCR\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0
HKCR\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0
HKCR\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0\win32
HKCR\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0\FLAGS
HKCR\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0\HELPDIR
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Microsoft Windows Logon Process [ C:\WINDOWS\winlogon.exe ]
C:\WINDOWS\system32\drv32dta\pstore_021008_004045.txt
C:\WINDOWS\system32\drv32dta\klg.tmp
C:\WINDOWS\system32\drv32dta\pstore_070326_234812.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_004250.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_013234.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_013828.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_035009.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_042617.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_042932.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_055458.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_061736.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_063612.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_081047.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_092526.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_123320.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_125948.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_131853.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_133049.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_134456.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_150117.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_152139.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_153748.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_174004.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_180135.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_184942.txt
C:\WINDOWS\system32\drv32dta\pstore_070327_192948.txt
C:\WINDOWS\system32\drv32dta\pstore_070329_215912.txt
C:\WINDOWS\system32\drv32dta\pstore_070329_221241.txt
C:\WINDOWS\system32\drv32dta\pstore_070329_223042.txt
C:\WINDOWS\system32\drv32dta\pstore_070329_225645.txt
C:\WINDOWS\system32\drv32dta\pstore_070329_231347.txt
C:\WINDOWS\system32\drv32dta\pstore_070329_232520.txt
C:\WINDOWS\system32\drv32dta\pstore_070329_233143.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_000231.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_005942.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_013951.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_020458.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_020844.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_033740.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_045445.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_050625.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_072653.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_073138.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_074041.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_203559.txt
C:\WINDOWS\system32\drv32dta\pstore_070330_220140.txt
C:\WINDOWS\system32\drv32dta\pstore_070331_005432.txt
C:\WINDOWS\system32\drv32dta\pstore_070331_012623.txt
C:\WINDOWS\system32\drv32dta\pstore_070331_020246.txt
C:\WINDOWS\system32\drv32dta\pstore_070331_031202.txt
C:\WINDOWS\system32\drv32dta\pstore_070403_144122.txt
C:\WINDOWS\system32\drv32dta\pstore_070403_150326.txt
C:\WINDOWS\system32\drv32dta\pstore_070403_151225.txt
C:\WINDOWS\system32\drv32dta\pstore_070403_152640.txt
C:\WINDOWS\system32\drv32dta\pstore_070403_154518.txt
C:\WINDOWS\system32\drv32dta\pstore_070403_155030.txt
C:\WINDOWS\system32\drv32dta\pstore_070403_161623.txt
C:\WINDOWS\system32\drv32dta
Trojan.IE Service
C:\DOCUMENTS AND SETTINGS\DAVID DOUGLAS\~WIN3232.EXE
Trojan.MS PreRedirector
C:\SYSTEM VOLUME INFORMATION\_RESTORE{C4EE5890-B045-46B6-9F15-7E65596CE41D}\RP23\A0008411.EXE
Incident Status Location
Adware:Adware/BraveSentry Not disinfected C:\WINDOWS\SYSTEM32\ADVVPI32.DLL
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\SYSTEM32\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\David Douglas\Desktop\SmitfraudFix\Process.exe
Virus:Trj/Shutdown.Z Disinfected C:\Documents and Settings\David Douglas\Desktop\SmitfraudFix\RESTART.EXE
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\COOKIES.TXT[.trafficmp.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\COOKIES.TXT[.adrevolver.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\COOKIES.TXT[.advertising.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\COOKIES.TXT[.atdmt.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\COOKIES.TXT[ad.yieldmanager.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\COOKIES.TXT[.atwola.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\David Douglas\Application Data\Mozilla\Firefox\Profiles\nnqawix7.default\COOKIES.TXT[.drivecleaner.com/]
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\fixwareout\FindT\NIRCMD.EXE