Just finished with the Ewido scanning, here is the log.
I have also included a new HijackThis log as well.
By the way, when I rebooted the computer, I got the following notice:
Error loading
C:/windows/cfgmgrs2.dll
The specified module could not be found.
Again, thank you for all your help, I really appreciate it.
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 1:30:10 PM, 8/9/2005
+ Report-Checksum: C68D5886
+ Scan result:
HKLM\SOFTWARE\Classes\AppID\AtlBrowser.EXE -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\BookedSpace.DLL -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\eZulaBootExe.EXE -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{0818D423-6247-11D1-ABEE-00D049C10000} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{0DC5CD7C-F653-4417-AA43-D457BE3A9622} -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{C0335198-6755-11D4-8A73-0050DA2EE1BE} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\AtlBrCon.AtlBrCon -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\AtlBrCon.AtlBrCon\CurVer -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\BookedSpace.Extension -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\BookedSpace.Extension\CLSID -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\BookedSpace.Extension\CurVer -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9} -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{25630B47-53C6-4E66-A945-9D7B6B2171FF} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{370F6354-41C4-4FA6-A2DF-1BA57EE0FBB9} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{50B4D2B3-723F-41B3-AEC4-0BD66F0F45FF} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6DF5E318-6994-4A41-85BD-45CCADA616F8} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{788C6F6F-C2EA-4A63-9C38-CE7D8F43BCE4} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{78BCF937-45B0-40A7-9391-DCC03420DB35} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9CFA26C0-81DA-4C9D-A501-F144A4A000FA} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A166C1B0-5CDB-447A-894A-4B9FD7149D51} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C03351A4-6755-11D4-8A73-0050DA2EE1BE} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E7A05400-4CFA-4DF3-A643-E40F86E8E3D7} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F75521B8-76F1-4A4D-84B1-9E642E9C51D0} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\EZulaBootExe.InstallCtrl -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\EZulaBootExe.InstallCtrl\CLSID -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\EZulaBootExe.InstallCtrl\CurVer -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\EZulaMain.eZulaPopSearchPipe -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\EZulaMain.eZulaPopSearchPipe\CLSID -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\EZulaMain.eZulaPopSearchPipe\CurVer -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{05080E6B-A88A-4CFD-8C3D-9B2557670B6E} -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{241667A3-EC83-4885-84DD-C2DAAFC1C5EA} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{25630B50-53C6-4E66-A945-9D7B6B2171FF} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{370F6327-41C4-4FA6-A2DF-1BA57EE0FBB9} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{370F6353-41C4-4FA6-A2DF-1BA57EE0FBB9} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{788C6F6E-C2EA-4A63-9C38-CE7D8F43BCE4} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{78BCF936-45B0-40A7-9391-DCC03420DB35} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{955CBF48-4313-4B1F-872B-254B7822CCF2} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{9CFA26C2-81DA-4C9D-A501-F144A4A000FA} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C03351A3-6755-11D4-8A73-0050DA2EE1BE} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{EFA52460-8822-4191-BA38-FACDD2007910} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{0DC5CD7C-F653-4417-AA43-D457BE3A9622} -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{370F6327-41C4-4FA6-A2DF-1BA57EE0FBB9} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{9CFA26C0-81DA-4C9D-A501-F144A4A000FA} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{9CFA26C1-81DA-4C9D-A501-F144A4A000FA} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{BAF13496-8F72-47A1-9CEE-09238EFC75F0} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{C0335197-6755-11D4-8A73-0050DA2EE1BE} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{50B4D2B3-723F-41B3-AEC4-0BD66F0F45FF} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A166C1B0-5CDB-447A-894A-4B9FD7149D51} -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Web Offer -> Spyware.eZula : Cleaned with backup
HKLM\SOFTWARE\SecureWin -> Spyware.Adlogix : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9} -> Spyware.BookedSpace : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\dsktb -> Spyware.IEPlugin : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\dsktb\DesktopToolbar -> Spyware.IEPlugin : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\eZula -> Spyware.eZula : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\eZula\Setup -> Spyware.eZula : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\eZula\Setup\ID -> Spyware.eZula : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9} -> Spyware.BookedSpace : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\Web Offer -> Spyware.eZula : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\Web Offer\Setup -> Spyware.eZula : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\Web Offer\Setup\ID -> Spyware.eZula : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\Web Offer\Setup\Path -> Spyware.eZula : Cleaned with backup
HKU\S-1-5-21-79857088-1445276385-955046455-1006\Software\{12EE7A5E-0674-42f9-A76B-000000004D00} -> Spyware.BrowserAid : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9} -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\Janine Heft\Cookies\janine
[email protected][2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Janine Heft\Cookies\janine
[email protected][1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Janine Heft\Cookies\janine heft@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Janine Heft\Cookies\janine
[email protected][2].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Janine Heft\Cookies\janine
[email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Janine Heft\Cookies\janine heft@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Janine Heft\Desktop\l2mfix\backup.zip/iqclass.dll -> Spyware.Look2Me : Cleaned with backup
C:\Documents and Settings\Janine Heft\Desktop\l2mfix\backup.zip/kddbu.dll -> Spyware.Look2Me : Cleaned with backup
C:\Documents and Settings\Janine Heft\Desktop\l2mfix\backup.zip/kkymgr.dll -> Spyware.Look2Me : Cleaned with backup
C:\Documents and Settings\Janine Heft\Desktop\l2mfix\backup.zip/kzdlv1.dll -> Spyware.Look2Me : Cleaned with backup
C:\Documents and Settings\Janine Heft\Desktop\l2mfix\backup.zip/putorec.dll -> Spyware.Look2Me : Cleaned with backup
C:\Documents and Settings\Janine Heft\Desktop\l2mfix\backup.zip/guard.tmp -> Spyware.Look2Me : Cleaned with backup
C:\Documents and Settings\Janine Heft\Local Settings\Temp\Cookies\janine
[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Janine Heft\Local Settings\Temp\Cookies\janine heft@overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Janine Heft\Local Settings\Temp\Cookies\janine
[email protected][1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Janine Heft\Local Settings\Temp\Cookies\janine heft@statcounter[2].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Janine Heft\Local Settings\Temp\Cookies\janine heft@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Janine Heft\Local Settings\Temp\Cookies\janine heft@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Janine Heft\Local Settings\Temp\Cookies\janine
[email protected][1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\Karl Heft\My Documents\AON Files\Bush's immigration dilemma.htm -> Trojan.WindowBomb.a : Cleaned with backup
C:\Documents and Settings\Karl Heft\My Documents\Asia Times - Asia's most trusted news source for the Middle East.htm -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\Karl Heft\My Documents\Karl\Asia Times Online - Neo-Cons vs Bush on China.htm -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\Karl Heft\My Documents\Turkey back with the US.htm -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\
[email protected][1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\
[email protected][1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\
[email protected][1].txt -> Spyware.Cookie.Epilot : Cleaned with backup
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C1AJK9GD\!update-2254[1].0000 -> TrojanDownloader.PurityScan.y : Cleaned with backup
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\R8XDI809\!update-2214[1].0000 -> TrojanDownloader.PurityScan.y : Cleaned with backup
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\R8XDI809\!update-2214[2].0000 -> TrojanDownloader.PurityScan.y : Cleaned with backup
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZROTU9EF\!update-2234[1].0000 -> TrojanDownloader.PurityScan.y : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\ezStub.exe.bak -> Adware.eZula : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@247realmedia[1].txt.bak -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@advertising[1].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@atdmt[1].txt.bak -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@atdmt[2].txt.bak -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@bfast[2].txt.bak -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@bluestreak[1].txt.bak -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@casalemedia[1].txt.bak -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@casalemedia[2].txt.bak -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@centrport[1].txt.bak -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@centrport[2].txt.bak -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@doubleclick[1].txt.bak -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine
[email protected][2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@fastclick[1].txt.bak -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@fastclick[2].txt.bak -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@hitbox[2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@linksynergy[1].txt.bak -> Spyware.Cookie.Linksynergy : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@mediaplex[1].txt.bak -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@pro-market[2].txt.bak -> Spyware.Cookie.Pro-market : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@qksrv[1].txt.bak -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@questionmarket[1].txt.bak -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine
[email protected][2].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@trafficmp[1].txt.bak -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@trafficmp[2].txt.bak -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine heft@valueclick[1].txt.bak -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\janine
[email protected][2].txt.bak -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@advertising[1].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@advertising[2].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@atdmt[1].txt.bak -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@atdmt[2].txt.bak -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@bfast[2].txt.bak -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@bluestreak[1].txt.bak -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@bluestreak[2].txt.bak -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@casalemedia[2].txt.bak -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@centrport[1].txt.bak -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@centrport[2].txt.bak -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@clickagents[1].txt.bak -> Spyware.Cookie.Clickagents : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@doubleclick[1].txt.bak -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@doubleclick[2].txt.bak -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@fastclick[1].txt.bak -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@fastclick[2].txt.bak -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@gator[1].txt.bak -> Spyware.Cookie.Gator : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@hitbox[2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@linksynergy[2].txt.bak -> Spyware.Cookie.Linksynergy : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@mediaplex[1].txt.bak -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@qksrv[1].txt.bak -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@questionmarket[1].txt.bak -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@specificpop[1].txt.bak -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@targetnet[2].txt.bak -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@trafficmp[1].txt.bak -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@trafficmp[2].txt.bak -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl heft@valueclick[2].txt.bak -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Program Files\Enigma Software Group\SpyHunter\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Program Files\eteaxx\blabla2.exe -> TrojanDownloader.PurityScan.y : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@advertising[1].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@atdmt[2].txt.bak -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@bluestreak[1].txt.bak -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@centrport[2].txt.bak -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@clickagents[1].txt.bak -> Spyware.Cookie.Clickagents : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine
[email protected][2].txt.bak -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@doubleclick[1].txt.bak -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine
[email protected][2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@hitbox[2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@mediaplex[1].txt.bak -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine
[email protected][1].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@trafficmp[1].txt.bak -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\janine heft@valueclick[1].txt.bak -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@247realmedia[1].txt.bak -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@advertising[1].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@atdmt[1].txt.bak -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@atdmt[2].txt.bak -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@bfast[1].txt.bak -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@bluestreak[1].txt.bak -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@bluestreak[2].txt.bak -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@casalemedia[1].txt.bak -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@centrport[1].txt.bak -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@centrport[2].txt.bak -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@commission-junction[1].txt.bak -> Spyware.Cookie.Commission-junction : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@doubleclick[1].txt.bak -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@fastclick[1].txt.bak -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@fastclick[2].txt.bak -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@gator[1].txt.bak -> Spyware.Cookie.Gator : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@hitbox[1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@hitbox[2].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@mediaplex[1].txt.bak -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@mediaplex[2].txt.bak -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@qksrv[1].txt.bak -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@revenue[1].txt.bak -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][2].txt.bak -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@specificpop[1].txt.bak -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@spylog[1].txt.bak -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@targetnet[1].txt.bak -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@trafficmp[1].txt.bak -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@trafficmp[2].txt.bak -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl heft@valueclick[1].txt.bak -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Program Files\SpyHunter (new)\Backup\karl
[email protected][1].txt.bak -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Program Files\Web Offer -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\apev.exe -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\basisp.dst -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\basisp.kwd -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\basisp.pu -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\basisp.rst -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\CHPON.dll -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\eapbh.dll -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\f3ez.htm -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\gendis.ez -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\INSTALL.LOG -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\paramp.ez -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\rwdsp.rst -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\UNWISE.EXE -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\upgradep.vrn -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\versionp.vrn -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\wndbannnp.src -> Adware.eZula : Cleaned with backup
C:\Program Files\Web Offer\wo.exe -> Adware.eZula : Cleaned with backup
C:\WINDOWS\cfgmgr52\EECH1.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\cfgmgr52\SPZ3.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\cfgmgr52.dll -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\ActiveX.ocx -> Spyware.Look2Me : Cleaned with backup
C:\WINDOWS\etb\nt_hide62.dll -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\etb\pokapoka62.exe -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\etb\xud_62.dll -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\khsrhgyo.exe -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\NDNuninstall5_20.exe -> Spyware.NewDotNet : Cleaned with backup
C:\WINDOWS\NDNuninstall6_22.exe -> Spyware.NewDotNet : Cleaned with backup
C:\WINDOWS\ru.exe -> Spyware.PurityScan : Cleaned with backup
C:\WINDOWS\system\UpdInst.exe -> Spyware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\dpcpxieo.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\WINDOWS\system32\ezPopStub.exe -> Adware.eZula : Cleaned with backup
C:\WINDOWS\system32\ftqnjf.exe -> Spyware.Adstart : Cleaned with backup
C:\WINDOWS\system32\nsq17CB.dll -> Spyware.HotSearchBar : Cleaned with backup
C:\WINDOWS\system32\thin-94-1-x-x.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\Temp\Cookies\janine
[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\WINDOWS\Temp\Cookies\janine
[email protected][2].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\WINDOWS\Temp\Cookies\janine heft@revenue[1].txt -> Spyware.Cookie.Revenue : Cleaned with backup
::Report End
Here is the new HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 1:41:23 PM, on 8/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SmFuaW5lIEhlZnQA\command.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\PROGRA~1\Iomega\System32\ActivityDisk.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Enigma Software Group\SpyHunter\PopupBlocker\EnigmaPopupStop.exe
C:\PROGRAM FILES\DELL\DELL LASER MFP 1600N\PSU\ScanToPc.exe
C:\Program Files\Qurb\QSP-2.1.213.3\QOELoader.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Plaxo\2.1.0.80\InstallStub.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\Program Files\eFax Messenger 3.5\J2GDllCmd.exe
C:\Program Files\eFax Messenger 3.5\J2GTray.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Navnt\navapw32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINPOINT\Winpoint.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.cox.netR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Cox High Speed Internet
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [EnigmaPopupStop] C:\Program Files\Enigma Software Group\SpyHunter\PopupBlocker\EnigmaPopupStop.exe
O4 - HKLM\..\Run: [P3000x_S2P] C:\PROGRAM FILES\DELL\DELL LASER MFP 1600N\PSU\ScanToPc.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\Qurb\QSP-2.1.213.3\QOELoader.exe"
O4 - HKLM\..\Run: [Norton Program Scheduler Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [Olympic] C:\Documents and Settings\Janine Heft\Application Data\sgrunt\IE4321.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
O4 - HKLM\..\Run: [ttupt] C:\WINDOWS\ttupt.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.1.0.80\InstallStub.exe -a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe
O4 - Global Startup: CorrectConnect.lnk = C:\Program Files\CConnect\CConnect.exe
O4 - Global Startup: eFax DllCmd 3.5.lnk = C:\Program Files\eFax Messenger 3.5\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 3.5.lnk = C:\Program Files\eFax Messenger 3.5\J2GTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\navapw32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.cox.net
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.t...all/xscan60.cabO16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) -
http://www.alternati.../00/alttiff.cabO16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/viewers/ipixx.cabO16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} (ActiveX Control) -
http://www.icannnews.../ST/ActiveX.ocxO16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} -
http://207.188.7.150...tzip/RdxIE2.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai...all/xscan53.cabO16 - DPF: {886DDE35-E585-11D0-A707-000000521958} -
http://69.56.176.76/webplugin.cabO16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} -
http://www.napster.c...ient/isetup.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft.../as5/asinst.cabO16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {DF05D910-DC8E-403A-93B0-5C866F3200D1} (PtClickLoan Control) -
https://www.clickloa...PtClickLoan.cabO16 - DPF: {FD5A684E-B2FE-4039-9068-48CF8B740E14} (LOSInterface.LOSIface) -
https://www.novastar...OSInterface.CABO16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -
http://pdl.stream.ao.../ampx_en_dl.cabO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\SmFuaW5lIEhlZnQA\command.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Iomega Activity Disk2 - Iomega Corporation - C:\PROGRA~1\Iomega\System32\ActivityDisk.exe
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe