I would be rapt if someone could help me get rid of Adware.CDT.
Logfile of HijackThis v1.98.2
Scan saved at 9:55:04 PM, on 7/10/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\System32\golum\services.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-au\msnappau.exe
C:\Program Files\OptusNet DSL Internet\DSC.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\KEMailKb\KEMailKb.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\BHODemon 2\BHODemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\unzipped\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.coolsearch.biz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.coolsearch.biz/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ebay.com.au/
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O1 - Hosts: 3466690378 view.atdmt.com
O1 - Hosts: 3466690378 click.atdmt.com
O1 - Hosts: 3466690378 leader.linkexchange.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [TrayX] C:\WINDOWS\winppr32.exe /sinc
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [Golum] C:\WINDOWS\System32\golum\services.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\twink64.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-au\msnappau.exe"
O4 - HKLM\..\Run: [Windows SyncroAd] C:\Program Files\Windows SyncroAd\SyncroAd.exe
O4 - HKLM\..\Run: [NdkjOwEe] C:\documents and settings\roger2\local settings\temp\NdkjOwEe.exe
O4 - HKLM\..\Run: [3por8] C:\documents and settings\roger2\local settings\temp\3por8.exe
O4 - HKLM\..\Run: [Desktop Service Centre] C:\Program Files\OptusNet DSL Internet\DSC.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [KEMailKb] C:\PROGRA~1\KEMailKb\KEMailKb.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Shcs] C:\Documents and Settings\Roger2\Application Data\f?nd.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\spydoctor.exe" /Q
O4 - Startup: BHODemon 2.0.lnk = C:\Program Files\BHODemon 2\BHODemon.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ChatSpace Full Java Client 4.0.0.300 - http://about.chatspa...va/cfs40300.cab
O16 - DPF: Yahoo! Pyramids - http://download.game...ts/y/pyt1_x.cab
O16 - DPF: {05A80B5C-1C5A-51DF-9DE3-187A4F3544DF} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {07614CF6-F83B-2A35-0CBF-56C832D66978} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {09385BFA-54FB-5156-9E3A-623D77018EDD} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www1.pcpitsto...p/PCPitStop.CAB
O16 - DPF: {0EBE77E8-0B66-54B8-A69E-5FE54C6F8EC0} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windup...d7510b28ebf1261
O16 - DPF: {17492A7B-D656-39E7-71BF-4DA14A54E7E6} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {1DB8A98C-8E23-29F6-6713-10AD2E7CF568} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {2221BFC5-E613-56B8-F113-042C1C6103D0} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {28170FAF-DF95-7E7E-C215-7BDC4BBA840F} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {2A745F61-C6BD-2294-8C14-700A1C9CE5BB} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {2BA04D2A-D732-4694-C8E0-5DE844BB518B} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {2C28931E-F60D-2712-B42F-21602773BA04} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {2F2986D2-8746-2409-8205-16A20601D4B6} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://69.44.122.156...r/axscanner.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolba...006_regular.cab
O16 - DPF: {4A374FCB-258F-12CA-0879-3754072E0804} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {4AA502A7-80F3-0128-D9C2-4DF36AAD8E9D} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {4C7D41EC-70DC-4168-DA34-0EC36FF24DF3} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {4FD2CF62-5FD3-5BA3-A13B-4BCA294ACADE} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/...h/v2/EARTPX.cab
O16 - DPF: {55BF7D94-A9A9-7A46-7BE7-2DF758DB8037} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {5B5AE2CC-CE20-0ABD-74D6-01FE7B0CC6A8} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {5CD8E3A8-C669-6D5A-E0BB-5C9200803772} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {62B61F87-F1B1-769B-6739-3F783A421F4D} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {636451B6-6767-4191-4D51-3A2911AE6520} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1093344930196
O16 - DPF: {68C79730-3924-674C-FF5A-6C7D27B4A1B1} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {6C0D52B1-0B88-72BA-6812-6FFA0F596F5B} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {6E76033B-57A1-6DEF-AAAA-579511C9E1CD} - http://69.50.188.54/1/rdgAU208.exe
O16 - DPF: {6F1B6D05-F750-1CA9-266E-3893331DB310} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {733A9976-5257-65C4-6B79-22AC64CE2C41} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {73472526-496F-7580-28CC-019924BC9A0D} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {734934A2-B8C8-59F1-35C4-659D079E53F1} - http://69.50.188.54/1/gdnAU208.exe
O16 - DPF: {749DAE54-E066-5262-41ED-795108CB5C63} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {75942526-BF6B-03BA-743C-52851703C42D} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {7F8D2990-5EF0-1716-2773-6D8F229C2FA4} - http://69.50.188.54/1/gdnIN208.exe
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensave.../sinstaller.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c.../ymmapi_416.dll
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/p...t/msnchat45.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} - http://download.over...com/WildApp.cab