here is my Bitdefinder report:BitDefender Online Scanner
Scan report generated at: Mon, Jun 27, 2005 - 20:06:05
Scan path: A:\;C:\;D:\;
Statistics
Time
00:37:19
Files
106557
Folders
1094
Boot Sectors
3
Archives
391
Packed Files
21550
Results
Identified Viruses
2
Infected Files
2
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
2
Engines Info
Virus Definitions
185777
Engine build
AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins
13
Archive plugins
38
Unpack plugins
4
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\WINDOWS\Downloaded Program Files\webdlg32.dll
Detected with: Application.Adware.Sbsoft
C:\WINDOWS\Downloaded Program Files\webdlg32.dll
Disinfection failed
C:\WINDOWS\Downloaded Program Files\webdlg32.dll
Deleted
C:\Program Files\NewDotNet\newdotnet6_38.dll
Detected with: Application.Adware.NewDotNet.B
C:\Program Files\NewDotNet\newdotnet6_38.dll
Disinfection failed
C:\Program Files\NewDotNet\newdotnet6_38.dll
Deleted
And my HJT Log:Logfile of HijackThis v1.99.1
Scan saved at 8:07:46 PM, on 6/27/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\YAHOO!\BROWSER\YBRWICON.EXE
C:\PROGRAM FILES\WUSB11 WLAN MONITOR\WUSB11B.EXE
C:\PROGRAM FILES\SBC YAHOO!\CONNECTION MANAGER\IP INSIGHT\IPMON32.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\YAHOO!\BROWSER\YCOMMON.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\HIJACK THIS\HIJACKTHIS.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://yahoo.sbc.com/dslO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [WUSB11B.exe] C:\Program Files\WUSB11 WLAN Monitor\WUSB11B.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\PROGRAM FILES\SBC YAHOO!\CONNECTION MANAGER\IP INSIGHT\IPMon32.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinPatrol] "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [warez] "C:\PROGRAM FILES\WAREZ P2P CLIENT\WAREZ.EXE" -h
O4 - Startup: Microsoft Office.lnk = c:\WINDOWS\Application Data\Microsoft\Installer\{00000409-78E1-11D2-B60F-006097C998E7}\misc.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES.DLL
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\PROGRAM FILES\YAHOO!\COMMON\YLOGIN.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\PROGRAM FILES\YAHOO!\COMMON\YLOGIN.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (WficaCtl Object) -
http://163.181.142.17/wfica.cabO16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) -
http://www.installfr...ll/iftwclix.cabO16 - DPF: {2FF18E20-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.01) -
http://www.msnbc.com...load/nm1228.cabO16 - DPF: {5EADE0BC-B99F-4031-B60A-31ECA800E8CF} (TradecSwitcher.Switcher) -
http://sas.tradec.co...decSwitcher.CABO16 - DPF: {5869FB02-63E4-11D4-A5D3-0050DA5F5B70} (TradecGetRegistryInfo.GetRegistryInfo) -
https://sas.tradec.c...egistryInfo.ocxO16 - DPF: {4492B1D2-6CBD-11D4-958F-00B0D02CEE1C} (TradecDataManager.DataManager) -
https://www.01t.net/...DataManager.CABO16 - DPF: {4B4A2381-30C9-11D4-80A2-00B0D02CECB2} (TradecAutoCreate.AutoCreate) -
https://www.01t.net/...cAutoCreate.CABO16 - DPF: {5FB836E6-30E8-11D4-80A2-00B0D02CECB2} (TradecPasteWiz.PasteWiz) -
https://www.01t.net/...decPasteWiz.CABO16 - DPF: {9EB6A817-B74F-11D4-8168-005004630EB3} (TradecBWAutoCreate.BWAutoCreate) -
https://sas.tradec.c...WAutoCreate.CABO16 - DPF: {CB13317E-30C9-11D4-80A2-00B0D02CECB2} (TradecValidateEdit.ValidateEdit) -
https://sas.tradec.c...alidateEdit.CABO16 - DPF: {EBECDD4F-A5D2-407C-9B2E-E455E4E97FBD} (TradecCurrencyCnvrt.Currency) -
https://sas.tradec.c...rrencyCnvrt.CABO16 - DPF: {5E511804-EC1E-11D4-8180-005004630EB3} (TradecMfgNameMgr.MfgNameMgr) -
https://sas.tradec.c...cMfgNameMgr.CABO16 - DPF: {7C812FE0-BA23-11D3-8029-00105AA9E599} (TradecSQLControl.SQLQuery) -
https://www.01t.net/...cSQLControl.CABO16 - DPF: {94356756-0DD4-11D5-95A0-00B0D02CEE1C} (TradecAddCol.AddEditCol) -
https://www.01t.net/...radecAddCol.CABO16 - DPF: {E140215F-B436-11D4-8933-0050046313EB} (TradecAssignRecipients.AssignRecipients) -
https://www.01t.net/...nRecipients.CABO16 - DPF: {55F2A52A-327E-11D4-8141-005004630EB3} (TradecSimpleGrid.Grid) -
https://www.01t.net/...cSimpleGrid.cabO16 - DPF: {A1B59EBD-63E7-11D4-A5D3-0050DA5F5B70} (TradecXMLUpload.XMLUpload) -
https://www.01t.net/...ecXMLUpload.CABO16 - DPF: {E6F29F50-0E1E-44E7-AD07-CD466307ED16} (TradecSwitcher Control) -
http://sas.tradec.co...decSwitcher.OCXO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai...all/xscan53.cabO16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) -
http://photos.yahoo....plorer1_9us.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pDownloader.cabO16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.r...ip/RdxIE601.cabO16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://us.dl1.yimg.c...nst_current.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft.../as5/asinst.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://www.bitdefend...can8/oscan8.cab